| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/Book.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
5:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
5:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
APSC_DV.001460.OROM-2 |
|
7:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
7:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Book has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
7:
|
getter method without an @invariant contract: getISBN() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getPublicationDate() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getDescription() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getAuthors() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getPublisher() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
7:
|
Missing Javadoc comment for 'Book' |
JAVADOC.PJDC-3 |
|
7:
|
Public clone method missing |
OOP.MUCOP-3 |
|
7:
|
Static creation method missing |
OOP.MUCOP-3 |
|
7:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
7:
|
Book implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
7:
|
Class 'com.parasoft.bookstore.Book' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
7:
|
Class 'com.parasoft.bookstore.Book' should be declared "final" |
GLOBAL.SPPC-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
OWASP2017.A8.OROM-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
OWASP2021.A8.OROM-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
SECURITY.EAB.OROM-5 |
|
7:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
7:
|
Number of Javadoc comments are below thresholds (%): 5.0 |
METRICS.PJDC-3 |
|
7:
|
interface type 'Serializable' is used |
MOBILE.AUI-3 |
|
7:
|
The interface 'Serializable' is already implemented by a superclass of this class |
OOP.RI-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
12:
|
Missing 'getIsbn()' method for field 'isbn' |
BEAN.NFM-4 |
|
12:
|
Missing 'setIsbn()' method for field 'isbn' |
BEAN.NFM-4 |
|
12:
|
Field 'isbn' should be declared "private" |
GLOBAL.DPPF-4 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
13:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
13:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
13:
|
Missing 'getPublication_date()' method for field 'publication_date' |
BEAN.NFM-4 |
|
13:
|
Missing 'setPublication_date()' method for field 'publication_date' |
BEAN.NFM-4 |
|
13:
|
Field 'publication_date' should be declared "private" |
GLOBAL.DPPF-4 |
|
13:
|
Inspect usage of the 'Date' object 'publication_date' |
SECURITY.BV.ADT-5 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Inspect field 'description' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
14:
|
Inspect field 'description' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
14:
|
Inspect field 'description' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
14:
|
Field 'description' should be declared "private" |
GLOBAL.DPPF-4 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
15:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
15:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
15:
|
Field 'authors' should be declared "private" |
GLOBAL.DPPF-4 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
16:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
16:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
16:
|
Field 'publisher' should be declared "private" |
GLOBAL.DPPF-4 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
17:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
17:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
17:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
17:
|
Missing 'setTimestamp()' method for field 'timestamp' |
BEAN.NFM-4 |
|
17:
|
Field 'timestamp' should be declared "private" |
GLOBAL.DPPF-4 |
|
17:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
19:
|
No JUnit test method defined for 'Book()' |
JUNIT.TEST-2 |
|
19:
|
This constructor for the class "Book" does not explicitly call a constructor of the superclass |
CODSTA.READ.ECSC-3 |
|
19:
|
Missing Javadoc comment for method 'Book()' |
JAVADOC.PJDM-3 |
|
19:
|
Field 'isbn', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Field 'publisher', declared on line 16, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Field 'publication_date', declared on line 13, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Field 'description', declared on line 14, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Field 'authors', declared on line 15, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Field 'timestamp', declared on line 17, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
19:
|
Overloaded constructors: 'Book' have different accessibilities |
CODSTA.BP.OCMA-5 |
|
23:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
23:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
23:
|
Constructor 'Book' throws 'ItemNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
23:
|
No JUnit test method defined for 'Book()' |
JUNIT.TEST-2 |
|
23:
|
Constructor 'Book' throws 'ItemNotFoundException' |
EXCEPT.EPNFC-3 |
|
23:
|
Constructor 'Book()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
23:
|
Constructor 'Book()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
23:
|
Field 'timestamp', declared on line 17, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
23:
|
'Book ()' contains too many parameters: 9 |
METRICS.PAR-2 |
|
23:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
23:
|
Formal parameter 'isbn' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
The parameter 'isbn' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
23:
|
Parameter 'isbn' has the same name as a field |
OOP.HMF-3 |
|
23:
|
Formal parameter 'title' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
Formal parameter 'year' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
23:
|
Array parameter 'authors' is not cloned before it is stored |
CWE.496.CAP-1 |
|
23:
|
Array parameter 'authors' is not cloned before it is stored |
SECURITY.WSC.CAP-1 |
|
23:
|
Formal parameter 'authors' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
The parameter 'authors' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
23:
|
Parameter 'authors' has the same name as a field |
OOP.HMF-3 |
|
24:
|
Line is longer than 80 characters: 85 |
APSC_DV.003215.LL-3 |
|
24:
|
Line is longer than 80 characters: 85 |
FORMAT.LL-3 |
|
24:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
24:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
24:
|
Formal parameter 'publisher' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'publisher' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'publisher' has the same name as a field |
OOP.HMF-3 |
|
24:
|
Formal parameter 'description' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'description' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'description' has the same name as a field |
OOP.HMF-3 |
|
24:
|
Formal parameter 'price' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
Formal parameter 'stock' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
Variable 'stock' does not end with 'int' |
NAMING.UHN-4 |
|
25:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
25:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
26:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
26:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
35:
|
No JUnit test method defined for 'getISBN()' |
JUNIT.TEST-2 |
|
35:
|
The method 'getISBN' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
35:
|
Globally unused "public" method: getISBN() |
GLOBAL.UPPM-4 |
|
35:
|
Getter method 'getISBN()' is not declared "final" |
OPT.MAF-5 |
|
39:
|
Setter method 'setISBN()' is not declared "final" |
OPT.MAF-5 |
|
39:
|
No JUnit test method defined for 'setISBN()' |
JUNIT.TEST-2 |
|
39:
|
Globally unused "public" method: setISBN() |
GLOBAL.UPPM-4 |
|
39:
|
Formal parameter 'isbn' is not declared as final |
CODSTA.BP.FPF-3 |
|
39:
|
The parameter 'isbn' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
39:
|
Parameter 'isbn' has the same name as a field |
OOP.HMF-3 |
|
43:
|
No JUnit test method defined for 'getPublicationDate()' |
JUNIT.TEST-2 |
|
43:
|
The method 'getPublicationDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
43:
|
Globally unused "public" method: getPublicationDate() |
GLOBAL.UPPM-4 |
|
43:
|
Getter method 'getPublicationDate()' is not declared "final" |
OPT.MAF-5 |
|
47:
|
Setter method 'setPublicationDate()' is not declared "final" |
OPT.MAF-5 |
|
47:
|
No JUnit test method defined for 'setPublicationDate()' |
JUNIT.TEST-2 |
|
47:
|
Globally unused "public" method: setPublicationDate() |
GLOBAL.UPPM-4 |
|
47:
|
Formal parameter 'publication_date' is not declared as final |
CODSTA.BP.FPF-3 |
|
47:
|
The parameter 'publication_date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
47:
|
Parameter 'publication_date' has the same name as a field |
OOP.HMF-3 |
|
47:
|
Inspect usage of the 'Date' object 'publication_date' |
SECURITY.BV.ADT-5 |
|
51:
|
No JUnit test method defined for 'getDescription()' |
JUNIT.TEST-2 |
|
51:
|
The method 'getDescription' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
51:
|
Globally unused "public" method: getDescription() |
GLOBAL.UPPM-4 |
|
51:
|
Getter method 'getDescription()' is not declared "final" |
OPT.MAF-5 |
|
55:
|
Setter method 'setDescription()' is not declared "final" |
OPT.MAF-5 |
|
55:
|
No JUnit test method defined for 'setDescription()' |
JUNIT.TEST-2 |
|
55:
|
Globally unused "public" method: setDescription() |
GLOBAL.UPPM-4 |
|
55:
|
Formal parameter 'description' is not declared as final |
CODSTA.BP.FPF-3 |
|
55:
|
The parameter 'description' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
55:
|
Parameter 'description' has the same name as a field |
OOP.HMF-3 |
|
59:
|
No JUnit test method defined for 'getAuthors()' |
JUNIT.TEST-2 |
|
59:
|
The method 'getAuthors' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
59:
|
Globally unused "public" method: getAuthors() |
GLOBAL.UPPM-4 |
|
59:
|
Getter method 'getAuthors()' is not declared "final" |
OPT.MAF-5 |
|
60:
|
Exposing the internal representation of 'Book' through the array 'authors' |
CWE.375.RA-3 |
|
60:
|
Exposing the internal representation of 'Book' through the array 'authors' |
CWE.495.RA-3 |
|
60:
|
Exposing the internal representation of 'Book' through the array 'authors' |
SECURITY.ESD.RA-3 |
|
63:
|
No JUnit test method defined for 'setAuthors()' |
JUNIT.TEST-2 |
|
63:
|
Globally unused "public" method: setAuthors() |
GLOBAL.UPPM-4 |
|
63:
|
Setter method 'setAuthors()' is not declared "final" |
OPT.MAF-5 |
|
63:
|
Array parameter 'authors' is not cloned before it is stored |
CWE.496.CAP-1 |
|
63:
|
Array parameter 'authors' is not cloned before it is stored |
SECURITY.WSC.CAP-1 |
|
63:
|
Formal parameter 'authors' is not declared as final |
CODSTA.BP.FPF-3 |
|
63:
|
The parameter 'authors' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
63:
|
Parameter 'authors' has the same name as a field |
OOP.HMF-3 |
|
67:
|
No JUnit test method defined for 'getPublisher()' |
JUNIT.TEST-2 |
|
67:
|
The method 'getPublisher' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
67:
|
Globally unused "public" method: getPublisher() |
GLOBAL.UPPM-4 |
|
67:
|
Getter method 'getPublisher()' is not declared "final" |
OPT.MAF-5 |
|
71:
|
Setter method 'setPublisher()' is not declared "final" |
OPT.MAF-5 |
|
71:
|
No JUnit test method defined for 'setPublisher()' |
JUNIT.TEST-2 |
|
71:
|
Globally unused "public" method: setPublisher() |
GLOBAL.UPPM-4 |
|
71:
|
Formal parameter 'publisher' is not declared as final |
CODSTA.BP.FPF-3 |
|
71:
|
The parameter 'publisher' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
71:
|
Parameter 'publisher' has the same name as a field |
OOP.HMF-3 |
|
75:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
75:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
75:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
79:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
79:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
79:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
79:
|
Globally unused "public" method: refreshTimestamp() |
GLOBAL.UPPM-4 |
|
80:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
82:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
82:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/BookStoreDB.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.sql.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.sql.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
9:
|
"import java.util.Enumeration" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
9:
|
"import java.util.Enumeration" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
13:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
13:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
13:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
13:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
13:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
13:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
13:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
13:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
13:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
13:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
13:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
13:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
13:
|
Missing Javadoc comment for 'BookStoreDB' |
JAVADOC.PJDC-3 |
|
13:
|
Name of singleton class 'BookStoreDB' does not match user-specified regular expression '^.+Singleton$' |
NAMING.SINGLETON-3 |
|
13:
|
Public clone method missing |
OOP.MUCOP-3 |
|
13:
|
Static creation method missing |
OOP.MUCOP-3 |
|
13:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
13:
|
Class 'com.parasoft.bookstore.BookStoreDB' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
13:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
13:
|
Class 'com.parasoft.bookstore.BookStoreDB' should be declared "final" |
GLOBAL.SPPC-5 |
|
13:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
13:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
13:
|
This class is not declared as "final" although it has only "private" constructors |
CODSTA.BP.PCF-3 |
|
13:
|
'BookStoreDB' contains too many fields: 16 |
METRICS.NOFT-4 |
|
13:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
13:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
14:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Variable 'MAX_BOOKS_TO_ADD' does not end with 'int' |
NAMING.UHN-4 |
|
16:
|
Elements in 'BookStoreDB' not ordered appropriately, first violation: field 'NL_TABLE_BOOK' at line 16 should be placed before
field 'MAX_BOOKS_TO_ADD' at line 14 |
CODSTA.ORG.FO-3 |
|
16:
|
There is not 1 space after 'NL_TABLE_BOOK' |
APSC_DV.003215.SAOP-3 |
|
16:
|
There is not 1 space after 'NL_TABLE_BOOK' |
FORMAT.SAOP-3 |
|
16:
|
Constant 'NL_TABLE_BOOK' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
16:
|
Non internationalized string: "book" |
INTER.ITT-3 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
17:
|
There is not 1 space after 'NL_TABLE_AUTHOR' |
APSC_DV.003215.SAOP-3 |
|
17:
|
There is not 1 space after 'NL_TABLE_AUTHOR' |
FORMAT.SAOP-3 |
|
17:
|
Constant 'NL_TABLE_AUTHOR' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
17:
|
Non internationalized string: "author" |
INTER.ITT-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
18:
|
Constant 'NL_TABLE_PUBLISHER' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
18:
|
Non internationalized string: "publisher" |
INTER.ITT-3 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
20:
|
There is not 1 space after 'NL_ID' |
APSC_DV.003215.SAOP-3 |
|
20:
|
There is not 1 space after 'NL_ID' |
FORMAT.SAOP-3 |
|
20:
|
Constant 'NL_ID' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
20:
|
Non internationalized string: "id" |
INTER.ITT-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
21:
|
There is not 1 space after 'NL_ISBN' |
APSC_DV.003215.SAOP-3 |
|
21:
|
There is not 1 space after 'NL_ISBN' |
FORMAT.SAOP-3 |
|
21:
|
Constant 'NL_ISBN' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
21:
|
Non internationalized string: "isbn" |
INTER.ITT-3 |
|
21:
|
Misspelled word 'isbn' |
JAVADOC.SPELL-3 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
22:
|
There is not 1 space after 'NL_TITLE' |
APSC_DV.003215.SAOP-3 |
|
22:
|
There is not 1 space after 'NL_TITLE' |
FORMAT.SAOP-3 |
|
22:
|
Constant 'NL_TITLE' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
22:
|
Non internationalized string: "title" |
INTER.ITT-3 |
|
23:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
23:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
23:
|
There is not 1 space after 'NL_YEAR' |
APSC_DV.003215.SAOP-3 |
|
23:
|
There is not 1 space after 'NL_YEAR' |
FORMAT.SAOP-3 |
|
23:
|
Constant 'NL_YEAR' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
23:
|
Non internationalized string: "year" |
INTER.ITT-3 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
24:
|
There is not 1 space after 'NL_NAME' |
APSC_DV.003215.SAOP-3 |
|
24:
|
There is not 1 space after 'NL_NAME' |
FORMAT.SAOP-3 |
|
24:
|
Constant 'NL_NAME' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
24:
|
Non internationalized string: "name" |
INTER.ITT-3 |
|
25:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
25:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
25:
|
Constant 'NL_DESCRIPTION' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
25:
|
Non internationalized string: "description" |
INTER.ITT-3 |
|
26:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
26:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
26:
|
There is not 1 space after 'NL_PRICE' |
APSC_DV.003215.SAOP-3 |
|
26:
|
There is not 1 space after 'NL_PRICE' |
FORMAT.SAOP-3 |
|
26:
|
Constant 'NL_PRICE' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
26:
|
Non internationalized string: "price" |
INTER.ITT-3 |
|
27:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
27:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
27:
|
There is not 1 space after 'NL_STOCK' |
APSC_DV.003215.SAOP-3 |
|
27:
|
There is not 1 space after 'NL_STOCK' |
FORMAT.SAOP-3 |
|
27:
|
Constant 'NL_STOCK' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
27:
|
Non internationalized string: "stock" |
INTER.ITT-3 |
|
29:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
29:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
29:
|
Constant 'NL_PUBLISHER_NAME' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
29:
|
Non internationalized string: "PN" |
INTER.ITT-3 |
|
30:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
30:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
30:
|
Non internationalized string: "AN" |
INTER.ITT-3 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
34:
|
Found "static" variable of type "Map" or "Collection": 'addedBooks' |
GC.STV-3 |
|
34:
|
"static" field 'addedBooks' not initialized |
INIT.SF-3 |
|
36:
|
Constructor 'BookStoreDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
36:
|
Constructor 'BookStoreDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
EXCEPT.EPNFC-3 |
|
37:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
37:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
41:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
41:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
45:
|
No JUnit test method defined for 'getDBInstance()' |
JUNIT.TEST-2 |
|
45:
|
The method 'getDBInstance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
45:
|
Missing Javadoc comment for method 'getDBInstance()' |
JAVADOC.PJDM-3 |
|
45:
|
The class 'BookStoreDB' is a singleton, but the method 'getDBInstance()' to get the singleton instance is not "synchronized" |
OOP.SNGL-3 |
|
45:
|
Method 'getDBInstance()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
45:
|
Method 'getDBInstance()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
46:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
46:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
50:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
50:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
51:
|
Lazy initialization is not thread-safe: db |
CERT.MSC07.ILI-3 |
|
51:
|
Lazy initialization is not thread-safe: db |
CWE.543.ILI-3 |
|
51:
|
Lazy initialization is not thread-safe: db |
TRS.ILI-3 |
|
51:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
51:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
52:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CERT.LCK05.IASF-3 |
|
52:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CWE.543.IASF-3 |
|
52:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
TRS.IASF-3 |
|
53:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
53:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
53:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
55:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
59:
|
Line is longer than 80 characters: 102 |
APSC_DV.003215.LL-3 |
|
59:
|
Line is longer than 80 characters: 102 |
FORMAT.LL-3 |
|
59:
|
No JUnit test method defined for 'getByTitleLike()' |
JUNIT.TEST-2 |
|
59:
|
The method 'getByTitleLike' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
59:
|
Missing Javadoc comment for method 'getByTitleLike()' |
JAVADOC.PJDM-3 |
|
59:
|
Globally unused "public" method: getByTitleLike() |
GLOBAL.UPPM-4 |
|
59:
|
Overloaded methods: 'getByTitleLike' have different accessibilities |
CODSTA.BP.OCMA-5 |
|
59:
|
Formal parameter 'titlePart' is not declared as final |
CODSTA.BP.FPF-3 |
|
60:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
60:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
61:
|
The declaration of the local variable 'query' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
61:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
61:
|
Non internationalized string: "SELECT DISTINCT " |
INTER.ITT-3 |
|
61:
|
Concatenating strings |
INTER.COS-5 |
|
61:
|
The String literal "SELECT DISTINCT " is used |
SECURITY.WSC.SL-3 |
|
62:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
62:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
62:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
62:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
62:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
63:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
63:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
63:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
63:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
63:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
63:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
64:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
64:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
64:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
64:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
64:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
65:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
65:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
65:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
65:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
65:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
66:
|
Line is longer than 80 characters: 87 |
APSC_DV.003215.LL-3 |
|
66:
|
Line is longer than 80 characters: 87 |
FORMAT.LL-3 |
|
66:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
66:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
66:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
66:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
66:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
66:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
66:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
67:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
67:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
67:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
67:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
67:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
68:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
68:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
68:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
68:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
68:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
69:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
69:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
69:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
70:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
70:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
71:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
71:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
71:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
71:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
72:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
72:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
73:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
74:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
74:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
75:
|
Line is longer than 80 characters: 114 |
APSC_DV.003215.LL-3 |
|
75:
|
Line is longer than 80 characters: 114 |
FORMAT.LL-3 |
|
75:
|
Non internationalized string: "LCASE(" |
INTER.ITT-3 |
|
75:
|
The String literal "LCASE(" is used |
SECURITY.WSC.SL-3 |
|
75:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
75:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
75:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
75:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
75:
|
The String literal ")" is used |
SECURITY.WSC.SL-3 |
|
75:
|
Single character ')' using double quotes in string concatenation |
OPT.STR-3 |
|
75:
|
Non internationalized string: " LIKE '%" |
INTER.ITT-3 |
|
75:
|
The String literal " LIKE '%" is used |
SECURITY.WSC.SL-3 |
|
75:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
CERT.STR02.CCL-2 |
|
75:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
INTER.CCL-3 |
|
75:
|
Non internationalized string: "%' AND " |
INTER.ITT-3 |
|
75:
|
The String literal "%' AND " is used |
SECURITY.WSC.SL-3 |
|
76:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
76:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
76:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
76:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
76:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
76:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
77:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
77:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
77:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
77:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
77:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
78:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
78:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
78:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
78:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
79:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
79:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
79:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
80:
|
The local variable 'db' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
80:
|
Local variable 'db' has the same name as a field |
OOP.HMF-3 |
|
80:
|
The declaration of the local variable 'db' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
81:
|
Line is longer than 80 characters: 123 |
APSC_DV.003215.LL-3 |
|
81:
|
Line is longer than 80 characters: 123 |
FORMAT.LL-3 |
|
81:
|
interface type 'Statement' is used |
MOBILE.AUI-3 |
|
81:
|
JDBC resource 'stmt' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
81:
|
The declaration of the local variable 'stmt' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
81:
|
Avoid using native jdbc to prepare statement |
CWE.245.JDBCTEMPLATE-3 |
|
81:
|
Avoid using native jdbc to prepare statement |
OWASP2019.API7.JDBCTEMPLATE-3 |
|
81:
|
Avoid using native jdbc to prepare statement |
SPRING.JDBCTEMPLATE-3 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
CWE.89.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
OWASP2017.A1.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
OWASP2019.API8.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
OWASP2021.A3.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
PCIDSS32.651.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
SECURITY.IBA.UPS-1 |
|
81:
|
Consider using 'prepareCall()' or 'prepareStatement()' to prevent SQL injection vulnerabilities |
APSC_DV.001460.UPS-2 |
|
82:
|
There is not 1 space after 'books' |
APSC_DV.003215.SAOP-3 |
|
82:
|
There is not 1 space after 'books' |
FORMAT.SAOP-3 |
|
82:
|
The declaration of the local variable 'books' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
82:
|
Avoid using native jdbc to execute statement |
CWE.245.JDBCTEMPLATE-3 |
|
82:
|
Avoid using native jdbc to execute statement |
OWASP2019.API7.JDBCTEMPLATE-3 |
|
82:
|
Avoid using native jdbc to execute statement |
SPRING.JDBCTEMPLATE-3 |
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
APSC_DV.002000.LEAKS-2 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
BD.RES.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CERT.FIO04.LEAKS-3 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CERT.MSC04.LEAKS-3 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CWE.400.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CWE.459.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CWE.771.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
CWE.772.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC resultset not closed: stmt.resultSet() |
OWASP2019.API4.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE);
Point where the resource is allocated
BookStoreDB.java (82): stmt.executeQuery(query) *** Allocated resource variable: stmt.resultSet(), stmt.executeQuery(query)
BookStoreDB.java (82): Book[] books= getByTitleLike(stmt.executeQuery(query), titlePart); *** BookStoreDB.getByTitleLike() throws SQLException
BookStoreDB.java (90): boolean hasNext = rs.first(); *** ResultSet.first() throws SQLException *** Allocated resource variable: rs
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt.resultSet() |
|
| +
|
85:
|
JDBC statement not closed: stmt |
APSC_DV.002000.LEAKS-2 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
BD.RES.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CERT.FIO04.LEAKS-3 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CERT.MSC04.LEAKS-3 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CWE.400.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CWE.459.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CWE.771.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
CWE.772.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
| +
|
85:
|
JDBC statement not closed: stmt |
OWASP2019.API4.LEAKS-1 |
| |
|
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (75): titlePart.toLowerCase() +"%' AND " +
BookStoreDB.java (61): String query = "SELECT DISTINCT " +
BookStoreDB.java (80): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
Point where the resource is allocated
BookStoreDB.java (81): Statement stmt = db.getConnection().createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE); *** Allocated resource variable: stmt
BookStoreDB.java (82): stmt.executeQuery(query) *** Statement.executeQuery() throws SQLException
Point where the allocated resource is lost
BookStoreDB.java (85): } *** Allocated resource variable: stmt |
|
|
87:
|
Line is longer than 80 characters: 109 |
APSC_DV.003215.LL-3 |
|
87:
|
Line is longer than 80 characters: 109 |
FORMAT.LL-3 |
|
87:
|
The method 'getByTitleLike' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
87:
|
'getByTitleLike ()' contains too many 'statements': 50 |
METRICS.NSTMT-3 |
|
87:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
87:
|
Formal parameter 'rs' is not declared as final |
CODSTA.BP.FPF-3 |
|
87:
|
Formal parameter 'titlePart' is not declared as final |
CODSTA.BP.FPF-3 |
|
87:
|
Exception 'InstantiationException' is not thrown in the body of method 'getByTitleLike' |
GLOBAL.AUT-2 |
|
88:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
88:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
88:
|
Exception 'IllegalAccessException' is not thrown in the body of method 'getByTitleLike' |
GLOBAL.AUT-2 |
|
88:
|
Exception 'ClassNotFoundException' is not thrown in the body of method 'getByTitleLike' |
GLOBAL.AUT-2 |
|
90:
|
Variable 'hasNext' does not end with 'boolean' |
NAMING.UHN-4 |
|
90:
|
The declaration of the local variable 'hasNext' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
91:
|
The declaration of the local variable 'books' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
91:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
91:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
93:
|
The declaration of the local variable 'query2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
93:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
93:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
93:
|
Concatenating strings |
INTER.COS-5 |
|
93:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
94:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
94:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
94:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
94:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
94:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
95:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
95:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
96:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
96:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
96:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
97:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
97:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
97:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
99:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
99:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
100:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
100:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
100:
|
Non internationalized string: "LCASE(" |
INTER.ITT-3 |
|
100:
|
The String literal "LCASE(" is used |
SECURITY.WSC.SL-3 |
|
100:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
100:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
100:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
100:
|
The String literal ")" is used |
SECURITY.WSC.SL-3 |
|
100:
|
Single character ')' using double quotes in string concatenation |
OPT.STR-3 |
|
100:
|
Non internationalized string: " LIKE ? AND " |
INTER.ITT-3 |
|
100:
|
The String literal " LIKE ? AND " is used |
SECURITY.WSC.SL-3 |
|
101:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
101:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
101:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
101:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
101:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
102:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
102:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
102:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
102:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
102:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
102:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
103:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
103:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
103:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
104:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
104:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
104:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
104:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
105:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
105:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
105:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
105:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
105:
|
The String literal " = ?" is used |
SECURITY.WSC.SL-3 |
|
106:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
106:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
106:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
107:
|
Local constant not declared "final": id |
CODSTA.READ.FLV-3 |
|
107:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
107:
|
The declaration of the local variable 'id' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
107:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
108:
|
The declaration of the local variable 'isbn' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
108:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
109:
|
The declaration of the local variable 'title' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
109:
|
field 'NL_TITLE' is used multiple times |
MOBILE.ACFM-3 |
|
110:
|
The declaration of the local variable 'year' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
110:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
110:
|
field 'NL_YEAR' is used multiple times |
MOBILE.ACFM-3 |
|
111:
|
The declaration of the local variable 'publisher' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
111:
|
field 'NL_PUBLISHER_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
112:
|
The declaration of the local variable 'description' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
112:
|
field 'NL_DESCRIPTION' is used multiple times |
MOBILE.ACFM-3 |
|
113:
|
The declaration of the local variable 'price' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
113:
|
field 'NL_PRICE' is used multiple times |
MOBILE.ACFM-3 |
|
114:
|
Local constant not declared "final": stock |
CODSTA.READ.FLV-3 |
|
114:
|
Variable 'stock' does not end with 'int' |
NAMING.UHN-4 |
|
114:
|
The declaration of the local variable 'stock' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
114:
|
field 'NL_STOCK' is used multiple times |
MOBILE.ACFM-3 |
|
116:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
116:
|
JDBC resource 'stmt2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
116:
|
The declaration of the local variable 'stmt2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
116:
|
field 'db' is used multiple times |
MOBILE.ACFM-3 |
|
116:
|
Non-local variable 'db' used inside loop body |
OPT.USV-4 |
|
117:
|
Line is longer than 80 characters: 92 |
APSC_DV.003215.LL-3 |
|
117:
|
Line is longer than 80 characters: 92 |
FORMAT.LL-3 |
|
117:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
117:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
117:
|
field 'TYPE_SCROLL_INSENSITIVE' is used multiple times |
MOBILE.ACFM-3 |
|
118:
|
Line is longer than 80 characters: 87 |
APSC_DV.003215.LL-3 |
|
118:
|
Line is longer than 80 characters: 87 |
FORMAT.LL-3 |
|
118:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
118:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
118:
|
field 'CONCUR_UPDATABLE' is used multiple times |
MOBILE.ACFM-3 |
|
119:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
119:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
119:
|
Concatenating strings |
INTER.COS-5 |
|
119:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
119:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
CERT.STR02.CCL-2 |
|
119:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
INTER.CCL-3 |
|
119:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
119:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
| +
|
120:
|
The "getString()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (120): stmt2.setString(2, isbn); |
|
|
121:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
121:
|
JDBC resource 'rs2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
121:
|
Variable 'rs2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
121:
|
The declaration of the local variable 'rs2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
122:
|
Variable 'hasMore' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
122:
|
Variable 'hasMore' does not end with 'boolean' |
NAMING.UHN-4 |
|
122:
|
The declaration of the local variable 'hasMore' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
123:
|
Variable 'authors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
123:
|
The declaration of the local variable 'authors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
123:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
123:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
125:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
125:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
125:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
126:
|
The declaration of the local variable 'author' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
126:
|
field 'NL_AUTHOR_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
127:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (126): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (127): authors.add(author); |
|
|
129:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
131:
|
Place the [] after the array type, not after the variable: arrayOfAuthors |
APSC_DV.003215.IAD-3 |
|
131:
|
Place the [] after the array type, not after the variable: arrayOfAuthors |
FORMAT.IAD-3 |
|
131:
|
Variable 'arrayOfAuthors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
131:
|
The declaration of the local variable 'arrayOfAuthors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
131:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
131:
|
Calling synchronized method 'size' inside of a loop |
OPT.SYN-3 |
|
133:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
133:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
133:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
133:
|
'arrayOfAuthors.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
133:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
133:
|
Non-local variable 'length' used inside loop body |
OPT.USV-4 |
|
134:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
135:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
137:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
137:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
137:
|
Variable 'book' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
137:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
| +
|
137:
|
The "getInt()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (90): boolean hasNext = rs.first();
BookStoreDB.java (91): Vector<Book> books = new Vector<>();
BookStoreDB.java (93): String query2 = "SELECT " +
BookStoreDB.java (106): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (107): int id = rs.getInt(NL_ID);
BookStoreDB.java (108): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (109): String title = rs.getString(NL_TITLE);
BookStoreDB.java (110): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (111): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (112): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (113): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (114): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (116): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (119): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (120): stmt2.setString(2, isbn);
BookStoreDB.java (121): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (122): boolean hasMore = rs2.first();
BookStoreDB.java (123): Vector<String> authors = new Vector<>();
BookStoreDB.java (125): while (hasMore) { *** Loop condition evaluation: hasMore (assuming false) *** Not entering the loop
BookStoreDB.java (131): String arrayOfAuthors[] = new String[authors.size()];
BookStoreDB.java (133): for (int i = 0; i < arrayOfAuthors.length; ++i) { *** Loop condition evaluation: (i < arrayOfAuthors.length) (assuming false) *** Not entering the loop
Point where tainted data is used
BookStoreDB.java (137): new Book(id, isbn, title, year, arrayOfAuthors, publisher, |
|
|
138:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
138:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
139:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
|
141:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
143:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
143:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
144:
|
interface type 'Enumeration' is used |
MOBILE.AUI-3 |
|
144:
|
The declaration of the local variable 'enum_var' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
145:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
145:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
145:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
146:
|
Variable name 'b' is not of type "byte" |
NAMING.CVN-4 |
|
146:
|
The length of the identifier "b" is less than the minimum length (2) |
NAMING.LLI-4 |
|
147:
|
Line is longer than 80 characters: 102 |
APSC_DV.003215.LL-3 |
|
147:
|
Line is longer than 80 characters: 102 |
FORMAT.LL-3 |
|
147:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
147:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
147:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
147:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
147:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
147:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
147:
|
The return value of 'getName()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
147:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
147:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
148:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
|
149:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
150:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
151:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
153:
|
Place the [] after the array type, not after the variable: arrayOfBooks |
APSC_DV.003215.IAD-3 |
|
153:
|
Place the [] after the array type, not after the variable: arrayOfBooks |
FORMAT.IAD-3 |
|
153:
|
Variable 'arrayOfBooks' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
153:
|
The declaration of the local variable 'arrayOfBooks' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
153:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
155:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
155:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
155:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
155:
|
'arrayOfBooks.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
155:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
156:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
157:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
159:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
159:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
160:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
160:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
160:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
160:
|
Concatenating strings |
INTER.COS-5 |
|
160:
|
The String literal "no books with titles containing '" is used |
SECURITY.WSC.SL-3 |
|
161:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
161:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
161:
|
The String literal "' were found" is used |
SECURITY.WSC.SL-3 |
|
162:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
166:
|
No JUnit test method defined for 'getById()' |
JUNIT.TEST-2 |
|
166:
|
The method 'getById' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
166:
|
Missing Javadoc comment for method 'getById()' |
JAVADOC.PJDM-3 |
|
166:
|
Globally unused "public" method: getById() |
GLOBAL.UPPM-4 |
|
166:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
166:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
167:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
167:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
172:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
172:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
173:
|
The local variable 'db' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
173:
|
Local variable 'db' has the same name as a field |
OOP.HMF-3 |
|
173:
|
The declaration of the local variable 'db' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
174:
|
The declaration of the local variable 'query' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
174:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
174:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
174:
|
Concatenating strings |
INTER.COS-5 |
|
174:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
174:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
174:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
174:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
174:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
174:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
174:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
175:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
175:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
175:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
175:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
175:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
175:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
175:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
175:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
176:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
176:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
176:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
176:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
176:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
176:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
176:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
177:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
177:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
177:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
177:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
177:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
177:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
177:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
178:
|
Line is longer than 80 characters: 106 |
APSC_DV.003215.LL-3 |
|
178:
|
Line is longer than 80 characters: 106 |
FORMAT.LL-3 |
|
178:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
178:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
178:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
178:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
178:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
178:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
178:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
178:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
178:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
179:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
179:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
179:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
179:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
179:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
179:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
179:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
180:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
180:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
180:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
180:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
180:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
180:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
180:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
181:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
181:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
181:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
181:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
181:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
182:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
182:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
182:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
182:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
182:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
182:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
182:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
182:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
183:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
183:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
183:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
183:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
183:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
184:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
184:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
184:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
185:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
185:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
185:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
185:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
185:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
185:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
185:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
185:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
185:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
185:
|
Non internationalized string: " = ? AND " |
INTER.ITT-3 |
|
185:
|
The String literal " = ? AND " is used |
SECURITY.WSC.SL-3 |
|
186:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
186:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
186:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
186:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
186:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
186:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
186:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
186:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
187:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
187:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
187:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
187:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
187:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
187:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
187:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
187:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
188:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
188:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
188:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
188:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
188:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
188:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
189:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
189:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
189:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
189:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
189:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
189:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
190:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
190:
|
JDBC resource 'stmt' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
190:
|
The declaration of the local variable 'stmt' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
191:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
191:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
192:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
192:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
194:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
194:
|
JDBC resource 'rs' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
194:
|
Variable 'rs' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
194:
|
The declaration of the local variable 'rs' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
195:
|
Local constant not declared "final": exists |
CODSTA.READ.FLV-3 |
|
195:
|
Variable 'exists' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
195:
|
Variable 'exists' does not end with 'boolean' |
NAMING.UHN-4 |
|
195:
|
The declaration of the local variable 'exists' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
196:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
196:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
197:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
197:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
198:
|
interface type 'Enumeration' is used |
MOBILE.AUI-3 |
|
198:
|
The declaration of the local variable 'enum_var' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
199:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
199:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
199:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
200:
|
Variable name 'b' is not of type "byte" |
NAMING.CVN-4 |
|
200:
|
The length of the identifier "b" is less than the minimum length (2) |
NAMING.LLI-4 |
|
201:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
201:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
201:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
204:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
205:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
206:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
207:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
207:
|
Concatenating strings |
INTER.COS-5 |
|
207:
|
The String literal "no book with the id " is used |
SECURITY.WSC.SL-3 |
|
207:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
208:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
208:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
208:
|
The String literal " was found" is used |
SECURITY.WSC.SL-3 |
|
209:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
210:
|
Variable 'isbn' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
210:
|
The declaration of the local variable 'isbn' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
210:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
211:
|
Variable 'title' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
211:
|
The declaration of the local variable 'title' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
212:
|
Variable 'year' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
212:
|
The declaration of the local variable 'year' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
212:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
213:
|
Variable 'publisher' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
213:
|
The declaration of the local variable 'publisher' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
214:
|
Variable 'description' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
214:
|
The declaration of the local variable 'description' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
215:
|
Variable 'price' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
215:
|
The declaration of the local variable 'price' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
216:
|
Local constant not declared "final": stock |
CODSTA.READ.FLV-3 |
|
216:
|
Variable 'stock' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
216:
|
Variable 'stock' does not end with 'int' |
NAMING.UHN-4 |
|
216:
|
The declaration of the local variable 'stock' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
217:
|
Line is longer than 80 characters: 95 |
APSC_DV.003215.LL-3 |
|
217:
|
Line is longer than 80 characters: 95 |
FORMAT.LL-3 |
|
217:
|
Variable 'query2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
217:
|
The declaration of the local variable 'query2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
217:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
217:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
217:
|
Concatenating strings |
INTER.COS-5 |
|
217:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
217:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
217:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
217:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
217:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
217:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
218:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
218:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
218:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
218:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
218:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
218:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
218:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
218:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
219:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
219:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
219:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
219:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
219:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
220:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
220:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
220:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
221:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
221:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
221:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
221:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
221:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
221:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
221:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
221:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
221:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
221:
|
Non internationalized string: " = ? AND " |
INTER.ITT-3 |
|
221:
|
The String literal " = ? AND " is used |
SECURITY.WSC.SL-3 |
|
222:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
222:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
222:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
222:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
222:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
222:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
222:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
222:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
223:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
223:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
223:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
223:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
223:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
223:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
223:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
223:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
224:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
224:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
224:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
224:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
224:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
224:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
225:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
225:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
225:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
225:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
225:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
225:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
226:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
226:
|
JDBC resource 'stmt2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
226:
|
Variable 'stmt2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
226:
|
The declaration of the local variable 'stmt2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
227:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
227:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
227:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
227:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
228:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
228:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
228:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
228:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
230:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
230:
|
JDBC resource 'rs2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
230:
|
Variable 'rs2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
230:
|
The declaration of the local variable 'rs2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
231:
|
Variable 'more2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
231:
|
Variable 'more2' does not end with 'boolean' |
NAMING.UHN-4 |
|
231:
|
The declaration of the local variable 'more2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
232:
|
Variable 'authors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
232:
|
The declaration of the local variable 'authors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
232:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
232:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
233:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
233:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
233:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
234:
|
The declaration of the local variable 'author' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
234:
|
field 'NL_AUTHOR_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
235:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
| +
|
235:
|
The "getString()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (234): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (235): authors.add(author); |
|
|
237:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
238:
|
Place the [] after the array type, not after the variable: arr |
APSC_DV.003215.IAD-3 |
|
238:
|
Place the [] after the array type, not after the variable: arr |
FORMAT.IAD-3 |
|
238:
|
Variable name 'arr' does not match user-specified regular expression '(s|List|Set|Array|Table)$' for array and collection
variables |
NAMING.NAC-3 |
|
238:
|
Variable 'arr' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
238:
|
The declaration of the local variable 'arr' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
238:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
239:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
239:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
239:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
239:
|
'arr.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
239:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
240:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
241:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
| +
|
243:
|
The "getInt()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (173): BookStoreDB db = getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
BookStoreDB.java (174): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (190): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (193): stmt.setInt(1, id);
BookStoreDB.java (194): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (195): boolean exists = rs.first();
BookStoreDB.java (196): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (210): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (211): String title = rs.getString(NL_TITLE);
BookStoreDB.java (212): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (213): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (214): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (215): BigDecimal price = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (216): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (217): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (226): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (229): stmt2.setInt(1, id);
BookStoreDB.java (230): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (231): boolean more2 = rs2.first();
BookStoreDB.java (232): Vector<String> authors = new Vector<>();
BookStoreDB.java (233): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (238): String arr[] = new String[authors.size()];
BookStoreDB.java (239): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (242): stmt.close();
Point where tainted data is used
BookStoreDB.java (243): new Book(id, isbn, title, year, arr, publisher, |
|
|
244:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
244:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
247:
|
No JUnit test method defined for 'addNewItem()' |
JUNIT.TEST-2 |
|
247:
|
Missing Javadoc comment for method 'addNewItem()' |
JAVADOC.PJDM-3 |
|
247:
|
Globally unused "public" method: addNewItem() |
GLOBAL.UPPM-4 |
|
247:
|
Formal parameter 'tempbook' is not declared as final |
CODSTA.BP.FPF-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
APSC_DV.001460.NTX-2 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CERT.ERR07.NTX-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CODSTA.BP.NTX-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CWE.397.NTX-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2017.A6.NTX-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2021.A5.NTX-3 |
|
247:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2019.API7.NTX-5 |
|
248:
|
Lazy initialization is not thread-safe: addedBooks |
CERT.MSC07.ILI-3 |
|
248:
|
Lazy initialization is not thread-safe: addedBooks |
CWE.543.ILI-3 |
|
248:
|
Lazy initialization is not thread-safe: addedBooks |
TRS.ILI-3 |
|
248:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
248:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
249:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
CERT.LCK05.IASF-3 |
|
249:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
CWE.543.IASF-3 |
|
249:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
TRS.IASF-3 |
|
249:
|
Hashtable 'addedBooks' may have improved performance as a ConcurrentHashMap |
TRS.CHM-5 |
|
249:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
250:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
251:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
251:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
252:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
252:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
252:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
252:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
252:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
252:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
252:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
252:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
252:
|
Concatenating strings |
INTER.COS-5 |
|
252:
|
The String literal "Too many books (" is used |
SECURITY.WSC.SL-3 |
|
252:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
253:
|
Line is longer than 80 characters: 160 |
APSC_DV.003215.LL-3 |
|
253:
|
Line is longer than 80 characters: 160 |
FORMAT.LL-3 |
|
253:
|
The String literal ") have been added already. Added books are removed as soon as the session of the user who added them expires,
after 20 minutes of inactivity" is used |
SECURITY.WSC.SL-3 |
|
254:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
255:
|
Unnecessary instantiation of 'Integer' object |
OPT.PRIM-3 |
|
255:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
256:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
259:
|
No JUnit test method defined for 'clearAddedBooks()' |
JUNIT.TEST-2 |
|
259:
|
Missing Javadoc comment for method 'clearAddedBooks()' |
JAVADOC.PJDM-3 |
|
259:
|
Globally unused "public" method: clearAddedBooks() |
GLOBAL.UPPM-4 |
|
259:
|
"synchronized" modifier used in method declaration: clearAddedBooks() |
TRS.NSM-5 |
|
259:
|
Formal parameter 'tempbook' is not declared as final |
CODSTA.BP.FPF-3 |
|
260:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
260:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
261:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
262:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
263:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
266:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
266:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/BookStoreMemoryDB.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Missing Javadoc tag '@since' for class 'BookStoreMemoryDB' |
JAVADOC.ECTT-3 |
|
8:
|
Globally unused "public" class: com.parasoft.bookstore.BookStoreMemoryDB |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: BookStoreMemoryDB |
JAVADOC.MAJDT-4 |
|
8:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"public" class without an '@invariant' contract: BookStoreMemoryDB |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: BookStoreMemoryDB |
JAVADOC.MVJDT-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
The 'db' field of the immutable class is not declared final |
SECURITY.WSC.FIMU-4 |
|
17:
|
Constructor 'BookStoreMemoryDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
17:
|
No JUnit test method defined for 'BookStoreMemoryDB()' |
JUNIT.TEST-2 |
|
17:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
17:
|
Constructor 'BookStoreMemoryDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
EXCEPT.EPNFC-3 |
|
17:
|
Missing Javadoc tag '@since' for method 'BookStoreMemoryDB()' |
JAVADOC.ECTM-3 |
|
17:
|
The constructor 'BookStoreMemoryDB' is more accessible than the constructor in its superclass |
SECURITY.WSC.AMA-3 |
|
17:
|
Constructor 'BookStoreMemoryDB()' should be declared "private" |
CWE.749.DPPM-4 |
|
17:
|
Constructor 'BookStoreMemoryDB()' should be declared "private" |
GLOBAL.DPPM-4 |
|
17:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
17:
|
"public" method without a '@post' contract: BookStoreMemoryDB () |
DBC.PUBMPOST-3 |
|
17:
|
"public" method without a '@pre' contract: BookStoreMemoryDB |
DBC.PUBMPRE-3 |
|
17:
|
This constructor for class 'BookStoreMemoryDB' does not need to be explicitly defined |
PB.USC.EPC-3 |
|
18:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
18:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
22:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
22:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
27:
|
No JUnit test method defined for 'getDBInstance()' |
JUNIT.TEST-2 |
|
27:
|
Elements in 'BookStoreMemoryDB' not ordered appropriately, first violation: method 'getDBInstance' at line 27 should be placed
before constructor 'BookStoreMemoryDB' at line 11 |
CODSTA.ORG.FO-3 |
|
27:
|
The method 'getDBInstance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
27:
|
Missing Javadoc comment for method 'getDBInstance()' |
JAVADOC.PJDM-3 |
|
27:
|
Globally unused "public" method: getDBInstance() |
GLOBAL.UPPM-4 |
|
28:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
28:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
32:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
32:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
CERT.MSC07.ILI-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
CWE.543.ILI-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
TRS.ILI-3 |
|
33:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
33:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CERT.LCK05.IASF-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CWE.543.IASF-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
TRS.IASF-3 |
|
35:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
38:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
38:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/CartManager.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
8:
|
"import java.util.concurrent.ConcurrentHashMap" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
8:
|
"import java.util.concurrent.ConcurrentHashMap" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
8:
|
"import" not presented in alphabetical order: java.util.concurrent.ConcurrentHashMap |
CODSTA.ORG.ORIMP-5 |
|
9:
|
"import java.util.concurrent.atomic.AtomicInteger" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
9:
|
"import java.util.concurrent.atomic.AtomicInteger" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
11:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
11:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
11:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
11:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
CartManager has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
11:
|
getter method without an @invariant contract: getCart() |
DBC.IGM-3 |
|
11:
|
getter method without an @invariant contract: getCartId() |
DBC.IGM-3 |
|
11:
|
getter method without an @invariant contract: getItem() |
DBC.IGM-3 |
|
11:
|
Missing Javadoc comment for 'CartManager' |
JAVADOC.PJDC-3 |
|
11:
|
Public clone method missing |
OOP.MUCOP-3 |
|
11:
|
Static creation method missing |
OOP.MUCOP-3 |
|
11:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
11:
|
Globally unused "public" class: com.parasoft.bookstore.CartManager |
GLOBAL.UPPC-4 |
|
11:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
11:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
11:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
11:
|
Number of Javadoc comments are below thresholds (%): 10.0 |
METRICS.PJDC-3 |
|
11:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
12:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
12:
|
Constant value should be declared "final": cartIdToOrderMap |
CODSTA.READ.FF-3 |
|
12:
|
Found "static" variable of type "Map" or "Collection": 'cartIdToOrderMap' |
GC.STV-3 |
|
13:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
13:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
13:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
13:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
13:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Constant value should be declared "final": generatedNewCartId |
CODSTA.READ.FF-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
16:
|
Missing 'getList()' method for field 'list' |
BEAN.NFM-4 |
|
16:
|
Missing 'setList()' method for field 'list' |
BEAN.NFM-4 |
|
18:
|
Field 'list', declared on line 16, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
18:
|
Field 'cartId', declared on line 15, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
18:
|
No JUnit test method defined for 'CartManager()' |
JUNIT.TEST-2 |
|
18:
|
Missing Javadoc comment for method 'CartManager()' |
JAVADOC.PJDM-3 |
|
22:
|
Constructor 'CartManager' throws 'Exception' |
CERT.OBJ11.EPNFC-1 |
|
22:
|
No JUnit test method defined for 'CartManager()' |
JUNIT.TEST-2 |
|
22:
|
Constructor 'CartManager' throws 'Exception' |
EXCEPT.EPNFC-3 |
|
22:
|
Missing Javadoc comment for method 'CartManager()' |
JAVADOC.PJDM-3 |
|
22:
|
Method 'CartManager' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
22:
|
Globally unused "public" constructor CartManager() |
GLOBAL.UPPM-4 |
|
22:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
22:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
22:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
22:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
APSC_DV.001460.NTX-2 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CERT.ERR07.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CODSTA.BP.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CWE.397.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2017.A6.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2021.A5.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2019.API7.NTX-5 |
|
23:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
23:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
23:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
24:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
24:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
24:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
24:
|
Concatenating strings |
INTER.COS-5 |
|
24:
|
The String literal "cartId: " is used |
SECURITY.WSC.SL-3 |
|
25:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
25:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
25:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
25:
|
The String literal " doesn't exist." is used |
SECURITY.WSC.SL-3 |
|
26:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
27:
|
Calling the method 'setCartId()' in the constructor could cause an unexpected NullPointerException |
CODSTA.EPC.NCNFC-2 |
|
27:
|
Non-"final", non-"static", and non-"private" method 'setCartId()' called from inside constructor 'CartManager' |
PB.CUB.CTOR-4 |
|
28:
|
Non-"final", non-"static", and non-"private" method 'setItem()' called from inside constructor 'CartManager' |
PB.CUB.CTOR-4 |
|
28:
|
Calling the method 'setItem()' in the constructor could cause an unexpected NullPointerException |
CODSTA.EPC.NCNFC-2 |
|
28:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
31:
|
Globally unused "public" method: addNewItemToCart() |
GLOBAL.UPPM-4 |
|
31:
|
No JUnit test method defined for 'addNewItemToCart()' |
JUNIT.TEST-2 |
|
31:
|
Missing Javadoc comment for method 'addNewItemToCart()' |
JAVADOC.PJDM-3 |
|
31:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
32:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
32:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
32:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
32:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
32:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
34:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
37:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
37:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
37:
|
No JUnit test method defined for 'addExistingItemToCart()' |
JUNIT.TEST-2 |
|
37:
|
The method 'addExistingItemToCart' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
37:
|
Missing Javadoc comment for method 'addExistingItemToCart()' |
JAVADOC.PJDM-3 |
|
37:
|
Method 'addExistingItemToCart' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
37:
|
Globally unused "public" method: addExistingItemToCart() |
GLOBAL.UPPM-4 |
|
37:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
37:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
37:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
37:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
37:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
APSC_DV.001460.NTX-2 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CERT.ERR07.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CODSTA.BP.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CWE.397.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2017.A6.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2021.A5.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2019.API7.NTX-5 |
|
39:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
39:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
39:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
39:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
40:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
40:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
40:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
40:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
40:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
41:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
41:
|
The declaration of the local variable 'iterator' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
42:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
42:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
42:
|
Local constant not declared "final": found |
CODSTA.READ.FLV-3 |
|
43:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
43:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
43:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
44:
|
Variable name 'o' is not of type "java.lang.Object" |
NAMING.CVN-4 |
|
44:
|
The length of the identifier "o" is less than the minimum length (2) |
NAMING.LLI-4 |
|
45:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
46:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
46:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
46:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
50:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
51:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
52:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
52:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
55:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
56:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
56:
|
Do not use trailing comments |
APSC_DV.003215.TC-3 |
|
56:
|
Do not use trailing comments |
FORMAT.TC-3 |
|
57:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
57:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
57:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
57:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
57:
|
Concatenating strings |
INTER.COS-5 |
|
57:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
57:
|
The String literal "An order with Cart Id " is used |
SECURITY.WSC.SL-3 |
|
57:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
57:
|
The String literal " does not exist!" is used |
SECURITY.WSC.SL-3 |
|
58:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
62:
|
Line is longer than 80 characters: 92 |
APSC_DV.003215.LL-3 |
|
62:
|
Line is longer than 80 characters: 92 |
FORMAT.LL-3 |
|
62:
|
No JUnit test method defined for 'updateExistingItem()' |
JUNIT.TEST-2 |
|
62:
|
The method 'updateExistingItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
62:
|
Missing Javadoc comment for method 'updateExistingItem()' |
JAVADOC.PJDM-3 |
|
62:
|
Method 'updateExistingItem' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
62:
|
Globally unused "public" method: updateExistingItem() |
GLOBAL.UPPM-4 |
|
62:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
62:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
62:
|
Formal parameter 'itemId' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
Variable 'itemId' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
APSC_DV.001460.NTX-2 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CERT.ERR07.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CODSTA.BP.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CWE.397.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2017.A6.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2021.A5.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2019.API7.NTX-5 |
|
64:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
64:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
64:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
64:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
65:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
65:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
65:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
65:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
65:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
66:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
66:
|
The declaration of the local variable 'iterator' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
67:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
67:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
67:
|
Local constant not declared "final": found |
CODSTA.READ.FLV-3 |
|
68:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
68:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
68:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
69:
|
The declaration of the local variable 'order' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
70:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
71:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
71:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
72:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
72:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
73:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
73:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
73:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
73:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
73:
|
Concatenating strings |
INTER.COS-5 |
|
73:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
73:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
74:
|
Indentation should be 28 (or 36) spaces |
APSC_DV.003215.IND-3 |
|
74:
|
Indentation should be 28 (or 36) spaces |
FORMAT.IND-3 |
|
74:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
74:
|
The String literal ", " is used |
SECURITY.WSC.SL-3 |
|
74:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
74:
|
The String literal " is greater than " is used |
SECURITY.WSC.SL-3 |
|
75:
|
Line is longer than 80 characters: 85 |
APSC_DV.003215.LL-3 |
|
75:
|
Line is longer than 80 characters: 85 |
FORMAT.LL-3 |
|
75:
|
Indentation should be 28 (or 36) spaces |
APSC_DV.003215.IND-3 |
|
75:
|
Indentation should be 28 (or 36) spaces |
FORMAT.IND-3 |
|
75:
|
The String literal "the quantity in stock: " is used |
SECURITY.WSC.SL-3 |
|
75:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
76:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
80:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
81:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
| +
|
82:
|
Condition "!found" always evaluates to true |
BD.PB.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.561.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.570.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.571.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
|
82:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
82:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
83:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
83:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
83:
|
Concatenating strings |
INTER.COS-5 |
|
83:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
83:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
84:
|
Indentation should be 20 (or 28) spaces |
APSC_DV.003215.IND-3 |
|
84:
|
Indentation should be 20 (or 28) spaces |
FORMAT.IND-3 |
|
84:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
84:
|
The String literal ", order does not exist." is used |
SECURITY.WSC.SL-3 |
|
85:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
86:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
86:
|
Do not use trailing comments |
APSC_DV.003215.TC-3 |
|
86:
|
Do not use trailing comments |
FORMAT.TC-3 |
|
87:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
87:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
87:
|
Concatenating strings |
INTER.COS-5 |
|
87:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
87:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
87:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
88:
|
The String literal ", itemId " is used |
SECURITY.WSC.SL-3 |
|
88:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
88:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
88:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
88:
|
The String literal " does not exist in the order." is used |
SECURITY.WSC.SL-3 |
|
89:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
102:
|
No JUnit test method defined for 'getCartSize()' |
JUNIT.TEST-2 |
|
102:
|
Missing Javadoc tag '@since' for method 'getCartSize()' |
JAVADOC.ECTM-3 |
|
102:
|
"public" method without a '@post' contract: getCartSize () |
DBC.PUBMPOST-3 |
|
102:
|
"public" method without a '@pre' contract: getCartSize |
DBC.PUBMPRE-3 |
|
102:
|
Globally unused "public" method: getCartSize() |
GLOBAL.UPPM-4 |
|
112:
|
Misspelled word 'ites' |
JAVADOC.SPELL-3 |
|
113:
|
This '@return' tag does not contain a meaningful description of the method's return value |
JAVADOC.MDJT-3 |
|
116:
|
No JUnit test method defined for 'getCartSize()' |
JUNIT.TEST-2 |
|
116:
|
Missing Javadoc tag '@since' for method 'getCartSize()' |
JAVADOC.ECTM-3 |
|
116:
|
Method 'getCartSize' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
116:
|
Globally unused "public" method: getCartSize() |
GLOBAL.UPPM-4 |
|
116:
|
"public" method without a '@post' contract: getCartSize () |
DBC.PUBMPOST-3 |
|
116:
|
"public" method without a '@pre' contract: getCartSize |
DBC.PUBMPRE-3 |
|
116:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
116:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
116:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
116:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
APSC_DV.001460.NTX-2 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CERT.ERR07.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CODSTA.BP.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CWE.397.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2017.A6.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2021.A5.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2019.API7.NTX-5 |
|
117:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
117:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
117:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
117:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
118:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
119:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
120:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
120:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
120:
|
Concatenating strings |
INTER.COS-5 |
|
120:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
120:
|
The String literal "cartId: " is used |
SECURITY.WSC.SL-3 |
|
121:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
121:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
121:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
121:
|
The String literal " doesn't exist." is used |
SECURITY.WSC.SL-3 |
|
124:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
124:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
124:
|
No JUnit test method defined for 'getCart()' |
JUNIT.TEST-2 |
|
124:
|
The method 'getCart' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
124:
|
Missing Javadoc comment for method 'getCart()' |
JAVADOC.PJDM-3 |
|
124:
|
Globally unused "public" method: getCart() |
GLOBAL.UPPM-4 |
|
128:
|
Globally unused "public" method: removeEmptyMappings() |
GLOBAL.UPPM-4 |
|
128:
|
No JUnit test method defined for 'removeEmptyMappings()' |
JUNIT.TEST-2 |
|
128:
|
Missing Javadoc comment for method 'removeEmptyMappings()' |
JAVADOC.PJDM-3 |
|
129:
|
Line is longer than 80 characters: 95 |
APSC_DV.003215.LL-3 |
|
129:
|
Line is longer than 80 characters: 95 |
FORMAT.LL-3 |
|
129:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
129:
|
interface type 'Entry' is used |
MOBILE.AUI-3 |
|
129:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
129:
|
The declaration of the local variable 'itr' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
130:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
130:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
130:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
131:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
131:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
133:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
134:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
137:
|
No JUnit test method defined for 'removeOrder()' |
JUNIT.TEST-2 |
|
137:
|
Missing Javadoc comment for method 'removeOrder()' |
JAVADOC.PJDM-3 |
|
137:
|
Method 'removeOrder' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
137:
|
Globally unused "public" method: removeOrder() |
GLOBAL.UPPM-4 |
|
137:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
137:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
137:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
137:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
138:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
138:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
139:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
139:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
139:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
140:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
142:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
146:
|
No JUnit test method defined for 'setCartId()' |
JUNIT.TEST-2 |
|
146:
|
Method 'setCartId()' should be declared "private" |
CWE.749.DPPM-4 |
|
146:
|
Method 'setCartId()' should be declared "private" |
GLOBAL.DPPM-4 |
|
146:
|
Method 'setCartId()' should be declared "final" |
GLOBAL.SPPM-5 |
|
146:
|
Setter method 'setCartId()' is not declared "final" |
OPT.MAF-5 |
|
146:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
146:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
146:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
146:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
150:
|
No JUnit test method defined for 'getCartId()' |
JUNIT.TEST-2 |
|
150:
|
Globally unused "public" method: getCartId() |
GLOBAL.UPPM-4 |
|
150:
|
Getter method 'getCartId()' is not declared "final" |
OPT.MAF-5 |
|
154:
|
Setter method 'setItem()' is not declared "final" |
OPT.MAF-5 |
|
154:
|
Method 'setItem()' should be declared "private" |
CWE.749.DPPM-4 |
|
154:
|
Method 'setItem()' should be declared "private" |
GLOBAL.DPPM-4 |
|
154:
|
Method 'setItem()' should be declared "final" |
GLOBAL.SPPM-5 |
|
154:
|
No JUnit test method defined for 'setItem()' |
JUNIT.TEST-2 |
|
154:
|
Missing Javadoc comment for method 'setItem()' |
JAVADOC.PJDM-3 |
|
154:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
154:
|
Formal parameter 'list' is not declared as final |
CODSTA.BP.FPF-3 |
|
154:
|
The parameter 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
154:
|
Parameter 'list' has the same name as a field |
OOP.HMF-3 |
|
158:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
158:
|
No JUnit test method defined for 'getItem()' |
JUNIT.TEST-2 |
|
158:
|
The method 'getItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
158:
|
Missing Javadoc comment for method 'getItem()' |
JAVADOC.PJDM-3 |
|
158:
|
Globally unused "public" method: getItem() |
GLOBAL.UPPM-4 |
|
158:
|
Getter method 'getItem()' is not declared "final" |
OPT.MAF-5 |
|
162:
|
Globally unused "public" method: getStaticCart_Id() |
GLOBAL.UPPM-4 |
|
162:
|
No JUnit test method defined for 'getStaticCart_Id()' |
JUNIT.TEST-2 |
|
162:
|
Missing Javadoc comment for method 'getStaticCart_Id()' |
JAVADOC.PJDM-3 |
|
165:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
165:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/CartTimer.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Comment contains Java code: // public class CartTimer exte... |
UC.ACC-3 |
|
4:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
4:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
4:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
4:
|
Missing Javadoc comment for 'CartTimer' |
JAVADOC.PJDC-3 |
|
4:
|
Globally unused "public" class: com.parasoft.bookstore.CartTimer |
GLOBAL.UPPC-4 |
|
4:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
4:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
4:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
4:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
4:
|
"class" missing a no argument constructor: CartTimer |
CODSTA.POD.DCTOR-5 |
|
4:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
4:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
interface type 'Runnable' is used |
MOBILE.AUI-3 |
|
5:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
6:
|
The method 'run()' does not contain a "try"/"catch" block which catches all possible "Throwable" objects |
EXCEPT.CATO-2 |
|
6:
|
No JUnit test method defined for 'run()' |
JUNIT.TEST-2 |
|
6:
|
Missing Javadoc comment for method 'run()' |
JAVADOC.PJDM-3 |
|
6:
|
'Runnable.run()' method should be synchronized if it cannot be safely executed concurrently |
TRS.RUN-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/DisplayOrder.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
DisplayOrder has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
3:
|
getter method without an @invariant contract: getItem() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getCartId() |
DBC.IGM-3 |
|
3:
|
Missing Javadoc comment for 'DisplayOrder' |
JAVADOC.PJDC-3 |
|
3:
|
Public clone method missing |
OOP.MUCOP-3 |
|
3:
|
Static creation method missing |
OOP.MUCOP-3 |
|
3:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
3:
|
Globally unused "public" class: com.parasoft.bookstore.DisplayOrder |
GLOBAL.UPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
No JUnit test method defined for 'DisplayOrder()' |
JUNIT.TEST-2 |
|
7:
|
Missing Javadoc comment for method 'DisplayOrder()' |
JAVADOC.PJDM-3 |
|
7:
|
Field 'item', declared on line 5, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
7:
|
Field 'cartId', declared on line 4, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
11:
|
No JUnit test method defined for 'DisplayOrder()' |
JUNIT.TEST-2 |
|
11:
|
Missing Javadoc comment for method 'DisplayOrder()' |
JAVADOC.PJDM-3 |
|
11:
|
Globally unused "public" constructor DisplayOrder() |
GLOBAL.UPPM-4 |
|
11:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ05.SMO-1 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ06.SMO-2 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ04.SMO-3 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
SECURITY.EAB.SMO-3 |
|
16:
|
No JUnit test method defined for 'getItem()' |
JUNIT.TEST-2 |
|
16:
|
The method 'getItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
16:
|
Globally unused "public" method: getItem() |
GLOBAL.UPPM-4 |
|
16:
|
Getter method 'getItem()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
Setter method 'setItem()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'setItem()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: setItem() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'item' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'item' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'item' has the same name as a field |
OOP.HMF-3 |
|
24:
|
No JUnit test method defined for 'getCartId()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: getCartId() |
GLOBAL.UPPM-4 |
|
24:
|
Getter method 'getCartId()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Setter method 'setCartId()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'setCartId()' |
JUNIT.TEST-2 |
|
28:
|
Globally unused "public" method: setCartId() |
GLOBAL.UPPM-4 |
|
28:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
28:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
28:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
28:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/Item.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
6:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
6:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
6:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Serializable class 'Item' does not implement readObject() |
APSC_DV.001460.OROM-2 |
|
6:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Item has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
6:
|
getter method without an @invariant contract: getName() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getId() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getStockQuantity() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getPrice() |
DBC.IGM-3 |
|
6:
|
Missing Javadoc comment for 'Item' |
JAVADOC.PJDC-3 |
|
6:
|
Class 'Item' could potentially be merged with its subclass |
MOBILE.J2ME.CSOO-3 |
|
6:
|
Public clone method missing |
OOP.MUCOP-3 |
|
6:
|
Static creation method missing |
OOP.MUCOP-3 |
|
6:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
6:
|
Item implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
6:
|
Class 'com.parasoft.bookstore.Item' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
6:
|
Serializable class 'Item' does not implement readObject() |
OWASP2017.A8.OROM-5 |
|
6:
|
Serializable class 'Item' does not implement readObject() |
OWASP2021.A8.OROM-5 |
|
6:
|
Serializable class 'Item' does not implement readObject() |
SECURITY.EAB.OROM-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
Number of Javadoc comments are below thresholds (%): 6.0 |
METRICS.PJDC-3 |
|
6:
|
interface type 'Serializable' is used |
MOBILE.AUI-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Inspect field 'id' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
11:
|
Inspect field 'id' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
11:
|
Inspect field 'id' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
11:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Inspect field 'title' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
12:
|
Inspect field 'title' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
12:
|
Inspect field 'title' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
12:
|
Missing 'getTitle()' method for field 'title' |
BEAN.NFM-4 |
|
12:
|
Missing 'setTitle()' method for field 'title' |
BEAN.NFM-4 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
13:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
13:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
13:
|
Missing 'getQuantity_in_stock()' method for field 'quantity_in_stock' |
BEAN.NFM-4 |
|
13:
|
Missing 'setQuantity_in_stock()' method for field 'quantity_in_stock' |
BEAN.NFM-4 |
|
13:
|
Variable 'quantity_in_stock' does not end with 'int' |
NAMING.UHN-4 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Inspect field 'price' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
14:
|
Inspect field 'price' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
14:
|
Inspect field 'price' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
16:
|
No JUnit test method defined for 'Item()' |
JUNIT.TEST-2 |
|
16:
|
Missing Javadoc comment for method 'Item()' |
JAVADOC.PJDM-3 |
|
16:
|
Field 'title', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'quantity_in_stock', declared on line 13, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'id', declared on line 11, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'price', declared on line 14, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
20:
|
Constructor 'Item' throws 'ItemNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
20:
|
No JUnit test method defined for 'Item()' |
JUNIT.TEST-2 |
|
20:
|
Constructor 'Item' throws 'ItemNotFoundException' |
EXCEPT.EPNFC-3 |
|
20:
|
Missing Javadoc comment for method 'Item()' |
JAVADOC.PJDM-3 |
|
20:
|
Constructor 'Item()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
20:
|
Constructor 'Item()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
20:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
20:
|
Formal parameter 'name' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
Formal parameter 'price' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'price' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'price' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
21:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
21:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
21:
|
Exception 'ItemNotFoundException' is not thrown in the body of method 'Item' |
GLOBAL.AUT-2 |
|
28:
|
No JUnit test method defined for 'getName()' |
JUNIT.TEST-2 |
|
28:
|
The method 'getName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
28:
|
Missing Javadoc comment for method 'getName()' |
JAVADOC.PJDM-3 |
|
28:
|
Method 'getName()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
28:
|
Method 'getName()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
28:
|
Method 'getName()' should be declared "final" |
GLOBAL.SPPM-5 |
|
28:
|
Getter method 'getName()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
Setter method 'setName()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
No JUnit test method defined for 'setName()' |
JUNIT.TEST-2 |
|
32:
|
Missing Javadoc comment for method 'setName()' |
JAVADOC.PJDM-3 |
|
32:
|
Globally unused "public" method: setName() |
GLOBAL.UPPM-4 |
|
32:
|
Formal parameter 'title' is not declared as final |
CODSTA.BP.FPF-3 |
|
32:
|
The parameter 'title' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
32:
|
Parameter 'title' has the same name as a field |
OOP.HMF-3 |
|
36:
|
No JUnit test method defined for 'getId()' |
JUNIT.TEST-2 |
|
36:
|
Method 'getId()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
36:
|
Method 'getId()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
36:
|
Method 'getId()' should be declared "final" |
GLOBAL.SPPM-5 |
|
36:
|
Getter method 'getId()' is not declared "final" |
OPT.MAF-5 |
|
40:
|
Setter method 'setId()' is not declared "final" |
OPT.MAF-5 |
|
40:
|
No JUnit test method defined for 'setId()' |
JUNIT.TEST-2 |
|
40:
|
Globally unused "public" method: setId() |
GLOBAL.UPPM-4 |
|
40:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
40:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
40:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
40:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
44:
|
No JUnit test method defined for 'getStockQuantity()' |
JUNIT.TEST-2 |
|
44:
|
Missing Javadoc comment for method 'getStockQuantity()' |
JAVADOC.PJDM-3 |
|
44:
|
Method 'getStockQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
44:
|
Method 'getStockQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
44:
|
Method 'getStockQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
44:
|
Getter method 'getStockQuantity()' is not declared "final" |
OPT.MAF-5 |
|
48:
|
Setter method 'setStockQuantity()' is not declared "final" |
OPT.MAF-5 |
|
48:
|
No JUnit test method defined for 'setStockQuantity()' |
JUNIT.TEST-2 |
|
48:
|
Missing Javadoc comment for method 'setStockQuantity()' |
JAVADOC.PJDM-3 |
|
48:
|
Globally unused "public" method: setStockQuantity() |
GLOBAL.UPPM-4 |
|
48:
|
Formal parameter 'quantity_in_stock' is not declared as final |
CODSTA.BP.FPF-3 |
|
48:
|
The parameter 'quantity_in_stock' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
48:
|
Parameter 'quantity_in_stock' has the same name as a field |
OOP.HMF-3 |
|
48:
|
Variable 'quantity_in_stock' does not end with 'int' |
NAMING.UHN-4 |
|
52:
|
No JUnit test method defined for 'getPrice()' |
JUNIT.TEST-2 |
|
52:
|
The method 'getPrice' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
52:
|
Globally unused "public" method: getPrice() |
GLOBAL.UPPM-4 |
|
52:
|
Getter method 'getPrice()' is not declared "final" |
OPT.MAF-5 |
|
56:
|
Setter method 'setPrice()' is not declared "final" |
OPT.MAF-5 |
|
56:
|
No JUnit test method defined for 'setPrice()' |
JUNIT.TEST-2 |
|
56:
|
Method 'setPrice()' should be declared "private" |
CWE.749.DPPM-4 |
|
56:
|
Method 'setPrice()' should be declared "private" |
GLOBAL.DPPM-4 |
|
56:
|
Method 'setPrice()' should be declared "final" |
GLOBAL.SPPM-5 |
|
56:
|
Formal parameter 'price' is not declared as final |
CODSTA.BP.FPF-3 |
|
56:
|
The parameter 'price' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
56:
|
Parameter 'price' has the same name as a field |
OOP.HMF-3 |
|
60:
|
No JUnit test method defined for 'inflatePrice()' |
JUNIT.TEST-2 |
|
60:
|
Missing Javadoc comment for method 'inflatePrice()' |
JAVADOC.PJDM-3 |
|
60:
|
Method 'inflatePrice()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
60:
|
Method 'inflatePrice()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
60:
|
Method 'inflatePrice()' should be declared "final" |
GLOBAL.SPPM-5 |
|
60:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
63:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
63:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/ItemNotFoundException.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Missing Javadoc comment for 'ItemNotFoundException' |
JAVADOC.PJDC-3 |
|
3:
|
ItemNotFoundException implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
3:
|
Class 'com.parasoft.bookstore.ItemNotFoundException' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
3:
|
Class 'com.parasoft.bookstore.ItemNotFoundException' should be declared "final" |
GLOBAL.SPPC-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
"class" missing a no argument constructor: ItemNotFoundException |
CODSTA.POD.DCTOR-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
No JUnit test method defined for 'ItemNotFoundException()' |
JUNIT.TEST-2 |
|
8:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
8:
|
Missing Javadoc comment for method 'ItemNotFoundException()' |
JAVADOC.PJDM-3 |
|
8:
|
Constructor 'ItemNotFoundException()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
8:
|
Constructor 'ItemNotFoundException()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
8:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
8:
|
Formal parameter 'msg' is not declared as final |
CODSTA.BP.FPF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/Order.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
getter method without an @invariant contract: getBook() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getQuantity() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
3:
|
Missing Javadoc comment for 'Order' |
JAVADOC.PJDC-3 |
|
3:
|
Public clone method missing |
OOP.MUCOP-3 |
|
3:
|
Static creation method missing |
OOP.MUCOP-3 |
|
3:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
3:
|
Class 'com.parasoft.bookstore.Order' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
Class 'com.parasoft.bookstore.Order' should be declared "final" |
GLOBAL.SPPC-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
6:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
6:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
6:
|
Missing 'setTimestamp()' method for field 'timestamp' |
BEAN.NFM-4 |
|
6:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
8:
|
Missing Javadoc comment for method 'Order()' |
JAVADOC.PJDM-3 |
|
8:
|
No JUnit test method defined for 'Order()' |
JUNIT.TEST-2 |
|
9:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
12:
|
Missing Javadoc comment for method 'Order()' |
JAVADOC.PJDM-3 |
|
12:
|
Constructor 'Order()' should be declared "private" |
CWE.749.DPPM-4 |
|
12:
|
Constructor 'Order()' should be declared "private" |
GLOBAL.DPPM-4 |
|
12:
|
No JUnit test method defined for 'Order()' |
JUNIT.TEST-2 |
|
12:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
12:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
12:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
12:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
12:
|
The parameter 'quantity' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
12:
|
Parameter 'quantity' has the same name as a field |
OOP.HMF-3 |
|
12:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
12:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
12:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
12:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
18:
|
No JUnit test method defined for 'getBook()' |
JUNIT.TEST-2 |
|
18:
|
The method 'getBook' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
18:
|
Method 'getBook()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
18:
|
Method 'getBook()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
18:
|
Method 'getBook()' should be declared "final" |
GLOBAL.SPPM-5 |
|
18:
|
Getter method 'getBook()' is not declared "final" |
OPT.MAF-5 |
|
22:
|
Setter method 'setBook()' is not declared "final" |
OPT.MAF-5 |
|
22:
|
No JUnit test method defined for 'setBook()' |
JUNIT.TEST-2 |
|
22:
|
Globally unused "public" method: setBook() |
GLOBAL.UPPM-4 |
|
22:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
22:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
22:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Method 'getQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
26:
|
Method 'getQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
26:
|
Method 'getQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
26:
|
Getter method 'getQuantity()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
No JUnit test method defined for 'getQuantity()' |
JUNIT.TEST-2 |
|
30:
|
Setter method 'setQuantity()' is not declared "final" |
OPT.MAF-5 |
|
30:
|
No JUnit test method defined for 'setQuantity()' |
JUNIT.TEST-2 |
|
30:
|
Method 'setQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
30:
|
Method 'setQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
30:
|
Method 'setQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
30:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
30:
|
The parameter 'quantity' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
30:
|
Parameter 'quantity' has the same name as a field |
OOP.HMF-3 |
|
30:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
34:
|
No JUnit test method defined for 'modifyCount()' |
JUNIT.TEST-2 |
|
34:
|
Missing Javadoc comment for method 'modifyCount()' |
JAVADOC.PJDM-3 |
|
34:
|
Method 'modifyCount()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
34:
|
Method 'modifyCount()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
34:
|
Method 'modifyCount()' should be declared "final" |
GLOBAL.SPPM-5 |
|
34:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
34:
|
Variable 'amount' does not end with 'int' |
NAMING.UHN-4 |
|
38:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
38:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
38:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
42:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
42:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
42:
|
Method 'refreshTimestamp()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
42:
|
Method 'refreshTimestamp()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
42:
|
Method 'refreshTimestamp()' should be declared "final" |
GLOBAL.SPPM-5 |
|
42:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
43:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
45:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
45:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/SecureCartService.java |
|
8:
|
Use 0 blank lines before the package statements |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 0 blank lines before the package statements |
FORMAT.U2BL-3 |
|
11:
|
"import java.sql.PreparedStatement" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
11:
|
"import java.sql.PreparedStatement" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
15:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
15:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
15:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
15:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
15:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
15:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
15:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
15:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
15:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
15:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
15:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
15:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
15:
|
Missing Javadoc comment for 'SecureCartService' |
JAVADOC.PJDC-3 |
|
15:
|
Public clone method missing |
OOP.MUCOP-3 |
|
15:
|
Static creation method missing |
OOP.MUCOP-3 |
|
15:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
15:
|
Globally unused "public" class: com.parasoft.bookstore.SecureCartService |
GLOBAL.UPPC-4 |
|
15:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
15:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
15:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
15:
|
"class" missing a no argument constructor: SecureCartService |
CODSTA.POD.DCTOR-5 |
|
15:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
16:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
18:
|
'@see ...' doesn't match any Java element |
JAVADOC.DPMT-3 |
|
18:
|
'@see ...' doesn't match any Java element |
OWASP2019.API9.DPMT-3 |
|
21:
|
No JUnit test method defined for 'getItemByTitle()' |
JUNIT.TEST-2 |
|
21:
|
The method 'getItemByTitle' should include an '@post' or '@return' tag describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
21:
|
Missing Javadoc tag '@since' for method 'getItemByTitle()' |
JAVADOC.ECTM-3 |
|
21:
|
Globally unused "public" method: getItemByTitle() |
GLOBAL.UPPM-4 |
|
21:
|
Method 'getItemByTitle' returns a value, but 'invocationCounter' changes state on line: '22' |
OOP.CQS-4 |
|
21:
|
"public" method without a '@post' contract: getItemByTitle () |
DBC.PUBMPOST-3 |
|
21:
|
"public" method without a '@pre' contract: getItemByTitle |
DBC.PUBMPRE-3 |
|
21:
|
Formal parameter 'title' is not declared as final |
CODSTA.BP.FPF-3 |
|
23:
|
Variable 'books' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
23:
|
The declaration of the local variable 'books' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
23:
|
There is not 1 space after 'null' |
APSC_DV.003215.SCOP-3 |
|
23:
|
There is not 1 space after 'null' |
FORMAT.SCOP-3 |
|
23:
|
The String literal "" is used |
SECURITY.WSC.SL-3 |
|
24:
|
Enhanced "for" loop used |
CODSTA.READ.AEFS-5 |
|
24:
|
The length of the identifier "b" is less than the minimum length (2) |
NAMING.LLI-4 |
|
25:
|
field 'invocationCounter' is used multiple times |
MOBILE.ACFM-3 |
|
25:
|
Non-local variable 'invocationCounter' used inside loop body |
OPT.USV-4 |
|
26:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
| +
|
28:
|
The state of the object: "this.invocationCounter" was changed and has not been restored |
BD.PB.REVOBJ-5 |
| |
|
Start of the path
SecureCartService.java (21): getItemByTitle(String title) throws Exception
SecureCartService.java (22): ++invocationCounter; *** Change the state of the object: "this.invocationCounter"
SecureCartService.java (23): title != null? title : "" *** Condition evaluation: (title != null) (assuming true)
SecureCartService.java (23): Book[] books = getByTitleLike(title != null? title : ""); *** SecureCartService.getByTitleLike() throws SQLException
SecureCartService.java (36): String query = "SELECT DISTINCT " +
SecureCartService.java (55): BookStoreDB db = BookStoreDB.getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
SecureCartService.java (56): PreparedStatement stmt = db.prepareStatement(query,
SecureCartService.java (59): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
SecureCartService.java (60): stmt.executeQuery() *** PreparedStatement.executeQuery() throws SQLException
End of the path
SecureCartService.java (28): } |
|
| +
|
28:
|
The state of the object: "this.invocationCounter" was changed and has not been restored |
CERT.ERR03.REVOBJ-3 |
| |
|
Start of the path
SecureCartService.java (21): getItemByTitle(String title) throws Exception
SecureCartService.java (22): ++invocationCounter; *** Change the state of the object: "this.invocationCounter"
SecureCartService.java (23): title != null? title : "" *** Condition evaluation: (title != null) (assuming true)
SecureCartService.java (23): Book[] books = getByTitleLike(title != null? title : ""); *** SecureCartService.getByTitleLike() throws SQLException
SecureCartService.java (36): String query = "SELECT DISTINCT " +
SecureCartService.java (55): BookStoreDB db = BookStoreDB.getDBInstance();
BookStoreDB.java (51): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (53): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (56): return db;
SecureCartService.java (56): PreparedStatement stmt = db.prepareStatement(query,
SecureCartService.java (59): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
SecureCartService.java (60): stmt.executeQuery() *** PreparedStatement.executeQuery() throws SQLException
End of the path
SecureCartService.java (28): } |
|
|
34:
|
Line is longer than 80 characters: 103 |
APSC_DV.003215.LL-3 |
|
34:
|
Line is longer than 80 characters: 103 |
FORMAT.LL-3 |
|
34:
|
Elements in 'SecureCartService' not ordered appropriately, first violation: method 'getByTitleLike' at line 30 should be placed
before method 'getItemByTitle' at line 16 |
CODSTA.ORG.FO-3 |
|
34:
|
The '@post'/'@return' tag(s) for the method 'getByTitleLike' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
34:
|
"private" method without a '@post' contract: getByTitleLike () |
DBC.PRIMPOST-5 |
|
34:
|
"private" method without a '@pre' contract: getByTitleLike () |
DBC.PRIMPRE-5 |
|
34:
|
Formal parameter 'titlePart' is not declared as final |
CODSTA.BP.FPF-3 |
|
36:
|
The declaration of the local variable 'query' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
36:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
36:
|
Non internationalized string: "SELECT DISTINCT " |
INTER.ITT-3 |
|
36:
|
Concatenating strings |
INTER.COS-5 |
|
36:
|
The String literal "SELECT DISTINCT " is used |
SECURITY.WSC.SL-3 |
|
37:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
37:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
37:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
37:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
37:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
38:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
38:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
38:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
38:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
38:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
38:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
39:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
39:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
39:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
39:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
39:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
40:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
40:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
40:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
40:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
40:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
41:
|
Line is longer than 80 characters: 123 |
APSC_DV.003215.LL-3 |
|
41:
|
Line is longer than 80 characters: 123 |
FORMAT.LL-3 |
|
41:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
41:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
41:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
41:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
41:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
41:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
41:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
42:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
42:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
42:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
42:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
42:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
42:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
42:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
43:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
43:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
43:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
43:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
43:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
44:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
44:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
44:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
45:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
45:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
46:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
46:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
46:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
47:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
47:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
48:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
49:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
49:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
50:
|
Line is longer than 80 characters: 106 |
APSC_DV.003215.LL-3 |
|
50:
|
Line is longer than 80 characters: 106 |
FORMAT.LL-3 |
|
50:
|
Non internationalized string: "LCASE(" |
INTER.ITT-3 |
|
50:
|
The String literal "LCASE(" is used |
SECURITY.WSC.SL-3 |
|
50:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
50:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
50:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
50:
|
The String literal ")" is used |
SECURITY.WSC.SL-3 |
|
50:
|
Single character ')' using double quotes in string concatenation |
OPT.STR-3 |
|
50:
|
Non internationalized string: " LIKE ? AND " |
INTER.ITT-3 |
|
50:
|
The String literal " LIKE ? AND " is used |
SECURITY.WSC.SL-3 |
|
51:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
51:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
51:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
51:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
51:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
52:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
52:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
52:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
52:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
52:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
52:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
52:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
53:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
53:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
53:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
54:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
54:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
54:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
55:
|
The declaration of the local variable 'db' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
56:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
56:
|
JDBC resource 'stmt' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
56:
|
The declaration of the local variable 'stmt' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
57:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
57:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
58:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
58:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
59:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
59:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
59:
|
Concatenating strings |
INTER.COS-5 |
|
59:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
59:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
CERT.STR02.CCL-2 |
|
59:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
INTER.CCL-3 |
|
59:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
59:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
60:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
60:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
60:
|
There is not 1 space after 'books' |
APSC_DV.003215.SAOP-3 |
|
60:
|
There is not 1 space after 'books' |
FORMAT.SAOP-3 |
|
60:
|
Variable 'books' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
60:
|
The declaration of the local variable 'books' is not followed by a comment |
CODSTA.READ.CLV-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/SubmittedOrder.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
SubmittedOrder has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
5:
|
getter method without an @invariant contract: getOrderTime() |
DBC.IGM-3 |
|
5:
|
getter method without an @invariant contract: getSuccess() |
DBC.IGM-3 |
|
5:
|
Missing Javadoc comment for 'SubmittedOrder' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
Globally unused "public" class: com.parasoft.bookstore.SubmittedOrder |
GLOBAL.UPPC-4 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
5:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
5:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
6:
|
Missing 'isSuccessIndicator()' method for field 'successIndicator' |
BEAN.NFM-4 |
|
6:
|
Missing 'setSuccessIndicator()' method for field 'successIndicator' |
BEAN.NFM-4 |
|
6:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Missing 'getDate()' method for field 'date' |
BEAN.NFM-4 |
|
7:
|
Missing 'setDate()' method for field 'date' |
BEAN.NFM-4 |
|
7:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
9:
|
No JUnit test method defined for 'SubmittedOrder()' |
JUNIT.TEST-2 |
|
9:
|
Missing Javadoc comment for method 'SubmittedOrder()' |
JAVADOC.PJDM-3 |
|
9:
|
Field 'date', declared on line 7, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
9:
|
Field 'successIndicator', declared on line 6, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
13:
|
No JUnit test method defined for 'SubmittedOrder()' |
JUNIT.TEST-2 |
|
13:
|
Missing Javadoc comment for method 'SubmittedOrder()' |
JAVADOC.PJDM-3 |
|
13:
|
Globally unused "public" constructor SubmittedOrder() |
GLOBAL.UPPM-4 |
|
13:
|
Formal parameter 'successIndicator' is not declared as final |
CODSTA.BP.FPF-3 |
|
13:
|
The parameter 'successIndicator' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
13:
|
Parameter 'successIndicator' has the same name as a field |
OOP.HMF-3 |
|
13:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
13:
|
Formal parameter 'time' is not declared as final |
CODSTA.BP.FPF-3 |
|
13:
|
Variable 'time' does not end with 'long' |
NAMING.UHN-4 |
|
18:
|
No JUnit test method defined for 'setOrderTime()' |
JUNIT.TEST-2 |
|
18:
|
Missing Javadoc comment for method 'setOrderTime()' |
JAVADOC.PJDM-3 |
|
18:
|
Globally unused "public" method: setOrderTime() |
GLOBAL.UPPM-4 |
|
18:
|
Setter method 'setOrderTime()' is not declared "final" |
OPT.MAF-5 |
|
18:
|
Formal parameter 'date' is not declared as final |
CODSTA.BP.FPF-3 |
|
18:
|
The parameter 'date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
18:
|
Parameter 'date' has the same name as a field |
OOP.HMF-3 |
|
18:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
22:
|
No JUnit test method defined for 'getOrderTime()' |
JUNIT.TEST-2 |
|
22:
|
The method 'getOrderTime' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
22:
|
Missing Javadoc comment for method 'getOrderTime()' |
JAVADOC.PJDM-3 |
|
22:
|
Globally unused "public" method: getOrderTime() |
GLOBAL.UPPM-4 |
|
22:
|
Getter method 'getOrderTime()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
No JUnit test method defined for 'setSuccess()' |
JUNIT.TEST-2 |
|
26:
|
Missing Javadoc comment for method 'setSuccess()' |
JAVADOC.PJDM-3 |
|
26:
|
Globally unused "public" method: setSuccess() |
GLOBAL.UPPM-4 |
|
26:
|
Setter method 'setSuccess()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
Formal parameter 'successIndicator' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'successIndicator' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'successIndicator' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
30:
|
No JUnit test method defined for 'getSuccess()' |
JUNIT.TEST-2 |
|
30:
|
Missing Javadoc comment for method 'getSuccess()' |
JAVADOC.PJDM-3 |
|
30:
|
Name of "boolean" getter method 'getSuccess' does not match user-specified regular expression '^(is|can|has|have|are|was|contains).' |
NAMING.GETB-3 |
|
30:
|
Globally unused "public" method: getSuccess() |
GLOBAL.UPPM-4 |
|
30:
|
Getter method 'getSuccess()' is not declared "final" |
OPT.MAF-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore/TempBook.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
TempBook has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
3:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getBook() |
DBC.IGM-3 |
|
3:
|
Missing Javadoc comment for 'TempBook' |
JAVADOC.PJDC-3 |
|
3:
|
Public clone method missing |
OOP.MUCOP-3 |
|
3:
|
Static creation method missing |
OOP.MUCOP-3 |
|
3:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
3:
|
Class 'com.parasoft.bookstore.TempBook' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
Class 'com.parasoft.bookstore.TempBook' should be declared "final" |
GLOBAL.SPPC-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
7:
|
No JUnit test method defined for 'TempBook()' |
JUNIT.TEST-2 |
|
7:
|
Missing Javadoc comment for method 'TempBook()' |
JAVADOC.PJDM-3 |
|
7:
|
Field 'timestamp', declared on line 5, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
7:
|
Field 'book', declared on line 4, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
11:
|
No JUnit test method defined for 'TempBook()' |
JUNIT.TEST-2 |
|
11:
|
Missing Javadoc comment for method 'TempBook()' |
JAVADOC.PJDM-3 |
|
11:
|
Globally unused "public" constructor TempBook() |
GLOBAL.UPPM-4 |
|
11:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
16:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
16:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
16:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
Setter method 'setTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'setTimestamp()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: setTimestamp() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
24:
|
No JUnit test method defined for 'getBook()' |
JUNIT.TEST-2 |
|
24:
|
The method 'getBook' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Method 'getBook()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
24:
|
Method 'getBook()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
24:
|
Method 'getBook()' should be declared "final" |
GLOBAL.SPPM-5 |
|
24:
|
Getter method 'getBook()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Setter method 'setBook()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'setBook()' |
JUNIT.TEST-2 |
|
28:
|
Globally unused "public" method: setBook() |
GLOBAL.UPPM-4 |
|
28:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
28:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
28:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
32:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
32:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
32:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
32:
|
Method 'refreshTimestamp()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
32:
|
Method 'refreshTimestamp()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
32:
|
Method 'refreshTimestamp()' should be declared "final" |
GLOBAL.SPPM-5 |
|
33:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
35:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
35:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/Book.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
5:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
5:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
APSC_DV.001460.OROM-2 |
|
7:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
7:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Book has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
7:
|
getter method without an @invariant contract: getISBN() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getGenre() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getPublicationDate() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getDescription() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getAuthors() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getPublisher() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getProductInfo() |
DBC.IGM-3 |
|
7:
|
Missing Javadoc comment for 'Book' |
JAVADOC.PJDC-3 |
|
7:
|
Public clone method missing |
OOP.MUCOP-3 |
|
7:
|
Static creation method missing |
OOP.MUCOP-3 |
|
7:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
7:
|
Book implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
7:
|
Class 'com.parasoft.bookstore2.Book' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
7:
|
Class 'com.parasoft.bookstore2.Book' should be declared "final" |
GLOBAL.SPPC-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
OWASP2017.A8.OROM-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
OWASP2021.A8.OROM-5 |
|
7:
|
Serializable class 'Book' does not implement readObject() |
SECURITY.EAB.OROM-5 |
|
7:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
7:
|
Number of Javadoc comments are below thresholds (%): 4.0 |
METRICS.PJDC-3 |
|
7:
|
interface type 'Serializable' is used |
MOBILE.AUI-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
12:
|
Inspect field 'isbn' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
12:
|
Missing 'getIsbn()' method for field 'isbn' |
BEAN.NFM-4 |
|
12:
|
Missing 'setIsbn()' method for field 'isbn' |
BEAN.NFM-4 |
|
12:
|
Field 'isbn' should be declared "private" |
GLOBAL.DPPF-4 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Inspect field 'genre' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
13:
|
Inspect field 'genre' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
13:
|
Inspect field 'genre' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
13:
|
Field 'genre' should be declared "private" |
GLOBAL.DPPF-4 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
14:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
14:
|
Inspect field 'publication_date' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
14:
|
Missing 'getPublication_date()' method for field 'publication_date' |
BEAN.NFM-4 |
|
14:
|
Missing 'setPublication_date()' method for field 'publication_date' |
BEAN.NFM-4 |
|
14:
|
Field 'publication_date' should be declared "private" |
GLOBAL.DPPF-4 |
|
14:
|
Inspect usage of the 'Date' object 'publication_date' |
SECURITY.BV.ADT-5 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Inspect field 'description' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
15:
|
Inspect field 'description' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
15:
|
Inspect field 'description' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
15:
|
Field 'description' should be declared "private" |
GLOBAL.DPPF-4 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
16:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
16:
|
Inspect field 'authors' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
16:
|
Field 'authors' should be declared "private" |
GLOBAL.DPPF-4 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
17:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
17:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
17:
|
Inspect field 'publisher' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
17:
|
Field 'publisher' should be declared "private" |
GLOBAL.DPPF-4 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
18:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
18:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
18:
|
Inspect field 'timestamp' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
18:
|
Missing 'setTimestamp()' method for field 'timestamp' |
BEAN.NFM-4 |
|
18:
|
Field 'timestamp' should be declared "private" |
GLOBAL.DPPF-4 |
|
18:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
19:
|
Inspect field 'product' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
19:
|
Inspect field 'product' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
19:
|
Inspect field 'product' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
19:
|
Missing 'getProduct()' method for field 'product' |
BEAN.NFM-4 |
|
19:
|
Missing 'setProduct()' method for field 'product' |
BEAN.NFM-4 |
|
19:
|
Field 'product' should be declared "private" |
GLOBAL.DPPF-4 |
|
21:
|
No JUnit test method defined for 'Book()' |
JUNIT.TEST-2 |
|
21:
|
Missing Javadoc comment for method 'Book()' |
JAVADOC.PJDM-3 |
|
21:
|
Field 'timestamp', declared on line 18, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'product', declared on line 19, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'description', declared on line 15, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'isbn', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'publication_date', declared on line 14, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'publisher', declared on line 17, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'genre', declared on line 13, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
Field 'authors', declared on line 16, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
25:
|
Constructor 'Book' throws 'ItemNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
25:
|
No JUnit test method defined for 'Book()' |
JUNIT.TEST-2 |
|
25:
|
Constructor 'Book' throws 'ItemNotFoundException' |
EXCEPT.EPNFC-3 |
|
25:
|
Missing Javadoc comment for method 'Book()' |
JAVADOC.PJDM-3 |
|
25:
|
Constructor 'Book()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
25:
|
Constructor 'Book()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
25:
|
Field 'timestamp', declared on line 18, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
25:
|
'Book ()' contains too many parameters: 7 |
METRICS.PAR-2 |
|
25:
|
Formal parameter 'isbn' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The parameter 'isbn' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
25:
|
Parameter 'isbn' has the same name as a field |
OOP.HMF-3 |
|
25:
|
Formal parameter 'genre' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The parameter 'genre' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
25:
|
Parameter 'genre' has the same name as a field |
OOP.HMF-3 |
|
25:
|
Formal parameter 'year' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
25:
|
Array parameter 'authors' is not cloned before it is stored |
CWE.496.CAP-1 |
|
25:
|
Array parameter 'authors' is not cloned before it is stored |
SECURITY.WSC.CAP-1 |
|
25:
|
Formal parameter 'authors' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The parameter 'authors' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
25:
|
Parameter 'authors' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
26:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
26:
|
Formal parameter 'publisher' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'publisher' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'publisher' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Formal parameter 'description' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'description' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'description' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Formal parameter 'product' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'product' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'product' has the same name as a field |
OOP.HMF-3 |
|
27:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
27:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
27:
|
Exception 'ItemNotFoundException' is not thrown in the body of method 'Book' |
GLOBAL.AUT-2 |
|
28:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
28:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
32:
|
This assignment may store the original parameter 'year' rather than a copy of the parameter into the field 'publication_date' |
CERT.OBJ05.SMO-1 |
|
32:
|
This assignment may store the original parameter 'year' rather than a copy of the parameter into the field 'publication_date' |
CERT.OBJ06.SMO-2 |
|
32:
|
This assignment may store the original parameter 'year' rather than a copy of the parameter into the field 'publication_date' |
CERT.OBJ04.SMO-3 |
|
32:
|
This assignment may store the original parameter 'year' rather than a copy of the parameter into the field 'publication_date' |
SECURITY.EAB.SMO-3 |
|
39:
|
No JUnit test method defined for 'getISBN()' |
JUNIT.TEST-2 |
|
39:
|
The method 'getISBN' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
39:
|
Globally unused "public" method: getISBN() |
GLOBAL.UPPM-4 |
|
39:
|
Getter method 'getISBN()' is not declared "final" |
OPT.MAF-5 |
|
43:
|
Setter method 'setISBN()' is not declared "final" |
OPT.MAF-5 |
|
43:
|
No JUnit test method defined for 'setISBN()' |
JUNIT.TEST-2 |
|
43:
|
Globally unused "public" method: setISBN() |
GLOBAL.UPPM-4 |
|
43:
|
Formal parameter 'isbn' is not declared as final |
CODSTA.BP.FPF-3 |
|
43:
|
The parameter 'isbn' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
43:
|
Parameter 'isbn' has the same name as a field |
OOP.HMF-3 |
|
47:
|
No JUnit test method defined for 'getGenre()' |
JUNIT.TEST-2 |
|
47:
|
The method 'getGenre' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
47:
|
Globally unused "public" method: getGenre() |
GLOBAL.UPPM-4 |
|
47:
|
Getter method 'getGenre()' is not declared "final" |
OPT.MAF-5 |
|
51:
|
Setter method 'setGenre()' is not declared "final" |
OPT.MAF-5 |
|
51:
|
No JUnit test method defined for 'setGenre()' |
JUNIT.TEST-2 |
|
51:
|
Globally unused "public" method: setGenre() |
GLOBAL.UPPM-4 |
|
51:
|
Formal parameter 'genre' is not declared as final |
CODSTA.BP.FPF-3 |
|
51:
|
The parameter 'genre' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
51:
|
Parameter 'genre' has the same name as a field |
OOP.HMF-3 |
|
55:
|
No JUnit test method defined for 'getPublicationDate()' |
JUNIT.TEST-2 |
|
55:
|
The method 'getPublicationDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
55:
|
Globally unused "public" method: getPublicationDate() |
GLOBAL.UPPM-4 |
|
55:
|
Getter method 'getPublicationDate()' is not declared "final" |
OPT.MAF-5 |
|
59:
|
Setter method 'setPublicationDate()' is not declared "final" |
OPT.MAF-5 |
|
59:
|
No JUnit test method defined for 'setPublicationDate()' |
JUNIT.TEST-2 |
|
59:
|
Globally unused "public" method: setPublicationDate() |
GLOBAL.UPPM-4 |
|
59:
|
Formal parameter 'publication_date' is not declared as final |
CODSTA.BP.FPF-3 |
|
59:
|
The parameter 'publication_date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
59:
|
Parameter 'publication_date' has the same name as a field |
OOP.HMF-3 |
|
59:
|
Inspect usage of the 'Date' object 'publication_date' |
SECURITY.BV.ADT-5 |
|
63:
|
No JUnit test method defined for 'getDescription()' |
JUNIT.TEST-2 |
|
63:
|
The method 'getDescription' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
63:
|
Globally unused "public" method: getDescription() |
GLOBAL.UPPM-4 |
|
63:
|
Getter method 'getDescription()' is not declared "final" |
OPT.MAF-5 |
|
67:
|
Setter method 'setDescription()' is not declared "final" |
OPT.MAF-5 |
|
67:
|
No JUnit test method defined for 'setDescription()' |
JUNIT.TEST-2 |
|
67:
|
Globally unused "public" method: setDescription() |
GLOBAL.UPPM-4 |
|
67:
|
Formal parameter 'description' is not declared as final |
CODSTA.BP.FPF-3 |
|
67:
|
The parameter 'description' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
67:
|
Parameter 'description' has the same name as a field |
OOP.HMF-3 |
|
71:
|
No JUnit test method defined for 'getAuthors()' |
JUNIT.TEST-2 |
|
71:
|
The method 'getAuthors' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
71:
|
Globally unused "public" method: getAuthors() |
GLOBAL.UPPM-4 |
|
71:
|
Getter method 'getAuthors()' is not declared "final" |
OPT.MAF-5 |
|
72:
|
Exposing the internal representation of 'Book' through the array 'authors' |
CWE.375.RA-3 |
|
72:
|
Exposing the internal representation of 'Book' through the array 'authors' |
CWE.495.RA-3 |
|
72:
|
Exposing the internal representation of 'Book' through the array 'authors' |
SECURITY.ESD.RA-3 |
|
75:
|
No JUnit test method defined for 'setAuthors()' |
JUNIT.TEST-2 |
|
75:
|
Globally unused "public" method: setAuthors() |
GLOBAL.UPPM-4 |
|
75:
|
Setter method 'setAuthors()' is not declared "final" |
OPT.MAF-5 |
|
75:
|
Array parameter 'authors' is not cloned before it is stored |
CWE.496.CAP-1 |
|
75:
|
Array parameter 'authors' is not cloned before it is stored |
SECURITY.WSC.CAP-1 |
|
75:
|
Formal parameter 'authors' is not declared as final |
CODSTA.BP.FPF-3 |
|
75:
|
The parameter 'authors' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
75:
|
Parameter 'authors' has the same name as a field |
OOP.HMF-3 |
|
79:
|
No JUnit test method defined for 'getPublisher()' |
JUNIT.TEST-2 |
|
79:
|
The method 'getPublisher' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
79:
|
Globally unused "public" method: getPublisher() |
GLOBAL.UPPM-4 |
|
79:
|
Getter method 'getPublisher()' is not declared "final" |
OPT.MAF-5 |
|
83:
|
Setter method 'setPublisher()' is not declared "final" |
OPT.MAF-5 |
|
83:
|
No JUnit test method defined for 'setPublisher()' |
JUNIT.TEST-2 |
|
83:
|
Globally unused "public" method: setPublisher() |
GLOBAL.UPPM-4 |
|
83:
|
Formal parameter 'publisher' is not declared as final |
CODSTA.BP.FPF-3 |
|
83:
|
The parameter 'publisher' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
83:
|
Parameter 'publisher' has the same name as a field |
OOP.HMF-3 |
|
87:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
87:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
87:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
91:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
91:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
91:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
91:
|
Globally unused "public" method: refreshTimestamp() |
GLOBAL.UPPM-4 |
|
92:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
95:
|
No JUnit test method defined for 'getProductInfo()' |
JUNIT.TEST-2 |
|
95:
|
The method 'getProductInfo' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
95:
|
Missing Javadoc comment for method 'getProductInfo()' |
JAVADOC.PJDM-3 |
|
95:
|
Method 'getProductInfo()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
95:
|
Method 'getProductInfo()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
95:
|
Method 'getProductInfo()' should be declared "final" |
GLOBAL.SPPM-5 |
|
95:
|
Getter method 'getProductInfo()' is not declared "final" |
OPT.MAF-5 |
|
99:
|
Setter method 'setProductInfo()' is not declared "final" |
OPT.MAF-5 |
|
99:
|
No JUnit test method defined for 'setProductInfo()' |
JUNIT.TEST-2 |
|
99:
|
Missing Javadoc comment for method 'setProductInfo()' |
JAVADOC.PJDM-3 |
|
99:
|
Globally unused "public" method: setProductInfo() |
GLOBAL.UPPM-4 |
|
99:
|
Formal parameter 'product' is not declared as final |
CODSTA.BP.FPF-3 |
|
99:
|
The parameter 'product' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
99:
|
Parameter 'product' has the same name as a field |
OOP.HMF-3 |
|
103:
|
No JUnit test method defined for 'inflatePrice()' |
JUNIT.TEST-2 |
|
103:
|
Missing Javadoc comment for method 'inflatePrice()' |
JAVADOC.PJDM-3 |
|
103:
|
Globally unused "public" method: inflatePrice() |
GLOBAL.UPPM-4 |
|
103:
|
Formal parameter 'bigDecimal' is not declared as final |
CODSTA.BP.FPF-3 |
|
106:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
106:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/BookStoreDB.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.sql.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.sql.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
8:
|
"import java.util.Enumeration" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
8:
|
"import java.util.Enumeration" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
12:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
12:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
12:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
12:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Missing Javadoc comment for 'BookStoreDB' |
JAVADOC.PJDC-3 |
|
12:
|
Name of singleton class 'BookStoreDB' does not match user-specified regular expression '^.+Singleton$' |
NAMING.SINGLETON-3 |
|
12:
|
Public clone method missing |
OOP.MUCOP-3 |
|
12:
|
Static creation method missing |
OOP.MUCOP-3 |
|
12:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
12:
|
Globally unused "public" class: com.parasoft.bookstore2.BookStoreDB |
GLOBAL.UPPC-4 |
|
12:
|
This class is not declared as "final" although it has only "private" constructors |
CODSTA.BP.PCF-3 |
|
12:
|
'BookStoreDB' contains too many fields: 17 |
METRICS.NOFT-4 |
|
12:
|
Number of Javadoc comments are below thresholds (%): 5.0 |
METRICS.PJDC-3 |
|
12:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
12:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
12:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
12:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
13:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Variable 'MAX_BOOKS_TO_ADD' does not end with 'int' |
NAMING.UHN-4 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
There is not 1 space after 'NL_TABLE_BOOK' |
APSC_DV.003215.SAOP-3 |
|
14:
|
There is not 1 space after 'NL_TABLE_BOOK' |
FORMAT.SAOP-3 |
|
14:
|
Non internationalized string: "book" |
INTER.ITT-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
There is not 1 space after 'NL_TABLE_AUTHOR' |
APSC_DV.003215.SAOP-3 |
|
15:
|
There is not 1 space after 'NL_TABLE_AUTHOR' |
FORMAT.SAOP-3 |
|
15:
|
Non internationalized string: "author" |
INTER.ITT-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Non internationalized string: "publisher" |
INTER.ITT-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
18:
|
There is not 1 space after 'NL_ID' |
APSC_DV.003215.SAOP-3 |
|
18:
|
There is not 1 space after 'NL_ID' |
FORMAT.SAOP-3 |
|
18:
|
Non internationalized string: "id" |
INTER.ITT-3 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
19:
|
There is not 1 space after 'NL_ISBN' |
APSC_DV.003215.SAOP-3 |
|
19:
|
There is not 1 space after 'NL_ISBN' |
FORMAT.SAOP-3 |
|
19:
|
Non internationalized string: "isbn" |
INTER.ITT-3 |
|
19:
|
Misspelled word 'isbn' |
JAVADOC.SPELL-3 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
20:
|
There is not 1 space after 'NL_GENRE' |
APSC_DV.003215.SAOP-3 |
|
20:
|
There is not 1 space after 'NL_GENRE' |
FORMAT.SAOP-3 |
|
20:
|
Non internationalized string: "genre" |
INTER.ITT-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
21:
|
There is not 1 space after 'NL_TITLE' |
APSC_DV.003215.SAOP-3 |
|
21:
|
There is not 1 space after 'NL_TITLE' |
FORMAT.SAOP-3 |
|
21:
|
Non internationalized string: "title" |
INTER.ITT-3 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
22:
|
There is not 1 space after 'NL_YEAR' |
APSC_DV.003215.SAOP-3 |
|
22:
|
There is not 1 space after 'NL_YEAR' |
FORMAT.SAOP-3 |
|
22:
|
Non internationalized string: "year" |
INTER.ITT-3 |
|
23:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
23:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
23:
|
There is not 1 space after 'NL_NAME' |
APSC_DV.003215.SAOP-3 |
|
23:
|
There is not 1 space after 'NL_NAME' |
FORMAT.SAOP-3 |
|
23:
|
Non internationalized string: "name" |
INTER.ITT-3 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
24:
|
Non internationalized string: "description" |
INTER.ITT-3 |
|
25:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
25:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
25:
|
There is not 1 space after 'NL_PRICE' |
APSC_DV.003215.SAOP-3 |
|
25:
|
There is not 1 space after 'NL_PRICE' |
FORMAT.SAOP-3 |
|
25:
|
Non internationalized string: "price" |
INTER.ITT-3 |
|
26:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
26:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
26:
|
There is not 1 space after 'NL_STOCK' |
APSC_DV.003215.SAOP-3 |
|
26:
|
There is not 1 space after 'NL_STOCK' |
FORMAT.SAOP-3 |
|
26:
|
Non internationalized string: "stock" |
INTER.ITT-3 |
|
28:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
28:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
28:
|
Non internationalized string: "PN" |
INTER.ITT-3 |
|
29:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
29:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
29:
|
Non internationalized string: "AN" |
INTER.ITT-3 |
|
33:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
33:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
33:
|
Found "static" variable of type "Map" or "Collection": 'addedBooks' |
GC.STV-3 |
|
33:
|
"static" field 'addedBooks' not initialized |
INIT.SF-3 |
|
35:
|
Constructor 'BookStoreDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
35:
|
Constructor 'BookStoreDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
EXCEPT.EPNFC-3 |
|
36:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
36:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
40:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
40:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
44:
|
No JUnit test method defined for 'getDBInstance()' |
JUNIT.TEST-2 |
|
44:
|
Elements in 'BookStoreDB' not ordered appropriately, first violation: method 'getDBInstance' at line 44 should be placed before
constructor 'BookStoreDB' at line 35 |
CODSTA.ORG.FO-3 |
|
44:
|
The method 'getDBInstance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
44:
|
Missing Javadoc comment for method 'getDBInstance()' |
JAVADOC.PJDM-3 |
|
44:
|
The class 'BookStoreDB' is a singleton, but the method 'getDBInstance()' to get the singleton instance is not "synchronized" |
OOP.SNGL-3 |
|
44:
|
Method 'getDBInstance()' should be declared "private" |
CWE.749.DPPM-4 |
|
44:
|
Method 'getDBInstance()' should be declared "private" |
GLOBAL.DPPM-4 |
|
45:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
45:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
49:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
49:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
50:
|
Lazy initialization is not thread-safe: db |
CERT.MSC07.ILI-3 |
|
50:
|
Lazy initialization is not thread-safe: db |
CWE.543.ILI-3 |
|
50:
|
Lazy initialization is not thread-safe: db |
TRS.ILI-3 |
|
50:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
50:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
51:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CERT.LCK05.IASF-3 |
|
51:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CWE.543.IASF-3 |
|
51:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
TRS.IASF-3 |
|
52:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
52:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
52:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
54:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
62:
|
No JUnit test method defined for 'getByTitleLike()' |
JUNIT.TEST-2 |
|
62:
|
The '@post'/'@return' tag(s) for the method 'getByTitleLike' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
62:
|
Missing Javadoc tag '@since' for method 'getByTitleLike()' |
JAVADOC.ECTM-3 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.sql.SQLException' in Javadoc comment |
JAVADOC.THROW-3 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.InstantiationException' in Javadoc comment |
JAVADOC.THROW-3 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.IllegalAccessException' in Javadoc comment |
JAVADOC.THROW-3 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.ClassNotFoundException' in Javadoc comment |
JAVADOC.THROW-3 |
|
62:
|
Method 'getByTitleLike' is missing '@throws com.parasoft.bookstore2.ItemNotFoundException' in Javadoc comment |
JAVADOC.THROW-3 |
|
62:
|
Globally unused "public" method: getByTitleLike() |
GLOBAL.UPPM-4 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.sql.SQLException' in Javadoc comment |
OWASP2019.API9.THROW-5 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.InstantiationException' in Javadoc comment |
OWASP2019.API9.THROW-5 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.IllegalAccessException' in Javadoc comment |
OWASP2019.API9.THROW-5 |
|
62:
|
Method 'getByTitleLike' is missing '@throws java.lang.ClassNotFoundException' in Javadoc comment |
OWASP2019.API9.THROW-5 |
|
62:
|
Method 'getByTitleLike' is missing '@throws com.parasoft.bookstore2.ItemNotFoundException' in Javadoc comment |
OWASP2019.API9.THROW-5 |
|
62:
|
"public" method without a '@post' contract: getByTitleLike () |
DBC.PUBMPOST-3 |
|
62:
|
"public" method without a '@pre' contract: getByTitleLike |
DBC.PUBMPRE-3 |
|
62:
|
'getByTitleLike ()' contains too many 'statements': 58 |
METRICS.NSTMT-3 |
|
62:
|
Method 'getByTitleLike()' contains too many lines: 116.0 |
METRICS.TNLM-2 |
|
62:
|
'getByTitleLike ()' contains too many method calls: 43 |
METRICS.TNMC-2 |
|
62:
|
Formal parameter 'titlePart' is not declared as final |
CODSTA.BP.FPF-3 |
|
63:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
63:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
68:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
68:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
69:
|
The declaration of the local variable 'query' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
69:
|
Concatenating strings |
INTER.COS-5 |
|
69:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
69:
|
Non internationalized string: "SELECT DISTINCT " |
INTER.ITT-3 |
|
69:
|
The String literal "SELECT DISTINCT " is used |
SECURITY.WSC.SL-3 |
|
70:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
70:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
70:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
70:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
70:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
70:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
70:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
70:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
71:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
71:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
71:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
71:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
71:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
71:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
71:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
71:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
72:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
72:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
72:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
72:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
72:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
72:
|
field 'NL_TITLE' is used multiple times |
MOBILE.ACFM-3 |
|
72:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
72:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
73:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
73:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
73:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
73:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
73:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
73:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
73:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
74:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
74:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
74:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
74:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
74:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
74:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
74:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
75:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
75:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
75:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
75:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
75:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
75:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
75:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
75:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
75:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
75:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
75:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
76:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
76:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
76:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
76:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
76:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
76:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
76:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
77:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
77:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
77:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
77:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
77:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
77:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
77:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
78:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
78:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
78:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
78:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
78:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
78:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
79:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
79:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
79:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
79:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
80:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
80:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
80:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
80:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
80:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
80:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
81:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
81:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
81:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
81:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
81:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
82:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
82:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
82:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
83:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
83:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
83:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
83:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
84:
|
The String literal "LCASE(" is used |
SECURITY.WSC.SL-3 |
|
84:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
84:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
84:
|
Non internationalized string: "LCASE(" |
INTER.ITT-3 |
|
84:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
84:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
84:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
84:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
84:
|
field 'NL_TITLE' is used multiple times |
MOBILE.ACFM-3 |
|
84:
|
Single character ')' using double quotes in string concatenation |
OPT.STR-3 |
|
84:
|
The String literal ")" is used |
SECURITY.WSC.SL-3 |
|
84:
|
The String literal " LIKE ? AND " is used |
SECURITY.WSC.SL-3 |
|
84:
|
Non internationalized string: " LIKE ? AND " |
INTER.ITT-3 |
|
85:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
85:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
85:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
85:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
85:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
85:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
85:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
85:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
86:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
86:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
86:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
86:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
86:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
86:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
86:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
86:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
87:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
87:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
87:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
87:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
87:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
87:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
88:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
88:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
88:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
88:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
88:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
88:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
90:
|
The local variable 'db' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
90:
|
Local variable 'db' has the same name as a field |
OOP.HMF-3 |
|
90:
|
The declaration of the local variable 'db' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
91:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
91:
|
JDBC resource 'stmt' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
91:
|
The declaration of the local variable 'stmt' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
92:
|
Line is longer than 80 characters: 87 |
APSC_DV.003215.LL-3 |
|
92:
|
Line is longer than 80 characters: 87 |
FORMAT.LL-3 |
|
92:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
92:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
93:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
93:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
93:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
93:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
94:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
94:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
94:
|
Concatenating strings |
INTER.COS-5 |
|
94:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
94:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
CERT.STR02.CCL-2 |
|
94:
|
Parameter 'titlePart' dereferenced before being checked for null |
DBC.IPAN-3 |
|
94:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
INTER.CCL-3 |
|
94:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
94:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
95:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
95:
|
JDBC resource 'rs' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
95:
|
Variable 'rs' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
95:
|
The declaration of the local variable 'rs' is not followed by a comment |
CODSTA.READ.CLV-5 |
| +
|
96:
|
Duplicated code: "boolean hasNext = rs.first(); Vect ..." |
CDD.DUPC-3 |
| |
|
[Line 96] Duplicated code in file 'BookStoreDB.java'
[Line 90] Duplicated code in file 'BookStoreDB.java' |
|
96:
|
Variable 'hasNext' does not end with 'boolean' |
NAMING.UHN-4 |
|
96:
|
The declaration of the local variable 'hasNext' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
96:
|
Variable 'hasNext' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
97:
|
Variable 'books' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
97:
|
The declaration of the local variable 'books' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
97:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
97:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
99:
|
Variable 'query2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
99:
|
The declaration of the local variable 'query2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
99:
|
Concatenating strings |
INTER.COS-5 |
|
99:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
99:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
99:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
100:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
100:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
100:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
100:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
100:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
101:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
101:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
102:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
102:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
102:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
102:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
103:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
103:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
103:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
104:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
105:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
105:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
106:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
106:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
106:
|
Non internationalized string: "LCASE(" |
INTER.ITT-3 |
|
106:
|
The String literal "LCASE(" is used |
SECURITY.WSC.SL-3 |
|
106:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
106:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
106:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
106:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
106:
|
field 'NL_TITLE' is used multiple times |
MOBILE.ACFM-3 |
|
106:
|
Single character ')' using double quotes in string concatenation |
OPT.STR-3 |
|
106:
|
The String literal ")" is used |
SECURITY.WSC.SL-3 |
|
106:
|
The String literal " LIKE ? AND " is used |
SECURITY.WSC.SL-3 |
|
106:
|
Non internationalized string: " LIKE ? AND " |
INTER.ITT-3 |
|
107:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
107:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
107:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
107:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
107:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
107:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
108:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
108:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
108:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
108:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
108:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
108:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
109:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
109:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
109:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
109:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
110:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
110:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
110:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
110:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
110:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
110:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
111:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
111:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
111:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
111:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
111:
|
The String literal " = ?" is used |
SECURITY.WSC.SL-3 |
|
112:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
112:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
112:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
113:
|
Local constant not declared "final": id |
CODSTA.READ.FLV-3 |
|
113:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
113:
|
The declaration of the local variable 'id' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
113:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
114:
|
The declaration of the local variable 'isbn' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
114:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
115:
|
The declaration of the local variable 'genre' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
115:
|
field 'NL_GENRE' is used multiple times |
MOBILE.ACFM-3 |
|
116:
|
The declaration of the local variable 'title' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
116:
|
field 'NL_TITLE' is used multiple times |
MOBILE.ACFM-3 |
|
117:
|
The declaration of the local variable 'year' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
117:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
117:
|
field 'NL_YEAR' is used multiple times |
MOBILE.ACFM-3 |
|
118:
|
The declaration of the local variable 'publisher' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
118:
|
field 'NL_PUBLISHER_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
119:
|
The declaration of the local variable 'description' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
119:
|
field 'NL_DESCRIPTION' is used multiple times |
MOBILE.ACFM-3 |
|
120:
|
The declaration of the local variable 'amount' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
120:
|
field 'NL_PRICE' is used multiple times |
MOBILE.ACFM-3 |
|
121:
|
Local constant not declared "final": stock |
CODSTA.READ.FLV-3 |
|
121:
|
Variable 'stock' does not end with 'int' |
NAMING.UHN-4 |
|
121:
|
The declaration of the local variable 'stock' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
121:
|
field 'NL_STOCK' is used multiple times |
MOBILE.ACFM-3 |
|
123:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
123:
|
JDBC resource 'stmt2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
123:
|
The declaration of the local variable 'stmt2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
124:
|
Line is longer than 80 characters: 92 |
APSC_DV.003215.LL-3 |
|
124:
|
Line is longer than 80 characters: 92 |
FORMAT.LL-3 |
|
124:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
124:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
124:
|
field 'TYPE_SCROLL_INSENSITIVE' is used multiple times |
MOBILE.ACFM-3 |
|
125:
|
Line is longer than 80 characters: 87 |
APSC_DV.003215.LL-3 |
|
125:
|
Line is longer than 80 characters: 87 |
FORMAT.LL-3 |
|
125:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
125:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
125:
|
field 'CONCUR_UPDATABLE' is used multiple times |
MOBILE.ACFM-3 |
| +
|
126:
|
Duplicated code: "stmt2.setString(1, "%" + titlePart.toLowe ..." |
CDD.DUPC-3 |
| |
|
[Line 126] Duplicated code in file 'BookStoreDB.java'
[Line 119] Duplicated code in file 'BookStoreDB.java' |
|
126:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
126:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
126:
|
Concatenating strings |
INTER.COS-5 |
|
126:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
|
126:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
CERT.STR02.CCL-2 |
|
126:
|
The 'toLowerCase' method is called without the java.util.Locale parameter |
INTER.CCL-3 |
|
126:
|
Single character '%' using double quotes in string concatenation |
OPT.STR-3 |
|
126:
|
The String literal "%" is used |
SECURITY.WSC.SL-3 |
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
| +
|
127:
|
The "getString()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (69): String query = "SELECT DISTINCT " +
BookStoreDB.java (90): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (91): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (94): stmt.setString(1, "%" + titlePart.toLowerCase() + "%");
BookStoreDB.java (95): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (96): boolean hasNext = rs.first();
BookStoreDB.java (97): Vector<Book> books = new Vector<>();
BookStoreDB.java (99): String query2 = "SELECT " +
BookStoreDB.java (112): while (hasNext) { *** Loop condition evaluation: hasNext (assuming true) *** Entering the loop
BookStoreDB.java (113): int id = rs.getInt(NL_ID);
Point where tainted data is accessed
BookStoreDB.java (114): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (115): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (116): String title = rs.getString(NL_TITLE);
BookStoreDB.java (117): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (118): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (119): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (120): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (121): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (123): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (126): stmt2.setString(1, "%" + titlePart.toLowerCase() + "%");
Point where tainted data is used
BookStoreDB.java (127): stmt2.setString(2, isbn); |
|
|
128:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
128:
|
JDBC resource 'rs2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
128:
|
Variable 'rs2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
128:
|
The declaration of the local variable 'rs2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
129:
|
Variable 'hasMore' does not end with 'boolean' |
NAMING.UHN-4 |
|
129:
|
The declaration of the local variable 'hasMore' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
129:
|
Variable 'hasMore' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
130:
|
Variable 'authors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
130:
|
The declaration of the local variable 'authors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
130:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
130:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
132:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
132:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
132:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
133:
|
The declaration of the local variable 'author' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
133:
|
field 'NL_AUTHOR_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
134:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
|
136:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
138:
|
Place the [] after the array type, not after the variable: arrayOfAuthors |
APSC_DV.003215.IAD-3 |
|
138:
|
Place the [] after the array type, not after the variable: arrayOfAuthors |
FORMAT.IAD-3 |
|
138:
|
Variable 'arrayOfAuthors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
138:
|
The declaration of the local variable 'arrayOfAuthors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
138:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
138:
|
Calling synchronized method 'size' inside of a loop |
OPT.SYN-3 |
|
140:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
140:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
140:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
140:
|
'arrayOfAuthors.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
140:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
140:
|
Non-local variable 'length' used inside loop body |
OPT.USV-4 |
|
141:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
142:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
144:
|
Variable 'product' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
144:
|
The declaration of the local variable 'product' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
145:
|
Line is longer than 80 characters: 101 |
APSC_DV.003215.LL-3 |
|
145:
|
Line is longer than 80 characters: 101 |
FORMAT.LL-3 |
|
145:
|
Variable 'book' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
145:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
146:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
|
148:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
150:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
150:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
151:
|
interface type 'Enumeration' is used |
MOBILE.AUI-3 |
|
151:
|
The declaration of the local variable 'enum_var' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
152:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
152:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
152:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
153:
|
Variable name 'b' is not of type "byte" |
NAMING.CVN-4 |
|
153:
|
The length of the identifier "b" is less than the minimum length (2) |
NAMING.LLI-4 |
|
154:
|
Line is longer than 80 characters: 136 |
APSC_DV.003215.LL-3 |
|
154:
|
Line is longer than 80 characters: 136 |
FORMAT.LL-3 |
|
154:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
154:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
154:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
154:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
154:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
154:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
154:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
154:
|
The return value of 'getName()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
154:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
154:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
154:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
155:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
|
156:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
157:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
158:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
160:
|
Place the [] after the array type, not after the variable: arrayOfBooks |
APSC_DV.003215.IAD-3 |
|
160:
|
Place the [] after the array type, not after the variable: arrayOfBooks |
FORMAT.IAD-3 |
|
160:
|
Variable 'arrayOfBooks' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
160:
|
The declaration of the local variable 'arrayOfBooks' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
160:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
162:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
162:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
162:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
162:
|
'arrayOfBooks.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
162:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
163:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
164:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
168:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
168:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
169:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
169:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
169:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
169:
|
Concatenating strings |
INTER.COS-5 |
|
169:
|
The String literal "no books with titles containing '" is used |
SECURITY.WSC.SL-3 |
|
170:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
170:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
170:
|
The String literal "' were found" is used |
SECURITY.WSC.SL-3 |
|
171:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
175:
|
No JUnit test method defined for 'getById()' |
JUNIT.TEST-2 |
|
175:
|
The method 'getById' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
175:
|
Missing Javadoc comment for method 'getById()' |
JAVADOC.PJDM-3 |
|
175:
|
Globally unused "public" method: getById() |
GLOBAL.UPPM-4 |
|
175:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
175:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
176:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
176:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
181:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
181:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
182:
|
The local variable 'db' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
182:
|
Local variable 'db' has the same name as a field |
OOP.HMF-3 |
|
182:
|
The declaration of the local variable 'db' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
183:
|
The declaration of the local variable 'query' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
183:
|
Concatenating strings |
INTER.COS-5 |
|
183:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
183:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
183:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
183:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
183:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
183:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
183:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
183:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
183:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
184:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
184:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
184:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
184:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
184:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
184:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
184:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
184:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
185:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
185:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
185:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
185:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
185:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
185:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
185:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
186:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
186:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
186:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
186:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
186:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
186:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
186:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
187:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
187:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
187:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
187:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
187:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
187:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
187:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
188:
|
Line is longer than 80 characters: 106 |
APSC_DV.003215.LL-3 |
|
188:
|
Line is longer than 80 characters: 106 |
FORMAT.LL-3 |
|
188:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
188:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
188:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
188:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
188:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
188:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
188:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
188:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
188:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
189:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
189:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
189:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
189:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
189:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
189:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
189:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
190:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
190:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
190:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
190:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
190:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
190:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
190:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
191:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
191:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
191:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
191:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
191:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
191:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
192:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
192:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
192:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
192:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
192:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
192:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
192:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
192:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
193:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
193:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
193:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
193:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
193:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
194:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
194:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
194:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
195:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
195:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
195:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
195:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
195:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
195:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
195:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
195:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
195:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
195:
|
Non internationalized string: " = ? AND " |
INTER.ITT-3 |
|
195:
|
The String literal " = ? AND " is used |
SECURITY.WSC.SL-3 |
|
196:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
196:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
196:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
196:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
196:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
196:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
196:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
196:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
197:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
197:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
197:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
197:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
197:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
197:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
197:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
197:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
198:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
198:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
198:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
198:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
198:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
198:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
199:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
199:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
199:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
199:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
199:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
199:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
200:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
200:
|
JDBC resource 'stmt' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
200:
|
The declaration of the local variable 'stmt' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
201:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
201:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
202:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
202:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
204:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
204:
|
JDBC resource 'rs' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
204:
|
Variable 'rs' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
204:
|
The declaration of the local variable 'rs' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
205:
|
Variable 'exists' does not end with 'boolean' |
NAMING.UHN-4 |
|
205:
|
The declaration of the local variable 'exists' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
205:
|
Local constant not declared "final": exists |
CODSTA.READ.FLV-3 |
|
205:
|
Variable 'exists' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
206:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
206:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
207:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
207:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
208:
|
interface type 'Enumeration' is used |
MOBILE.AUI-3 |
|
208:
|
The declaration of the local variable 'enum_var' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
209:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
209:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
209:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
210:
|
Variable name 'b' is not of type "byte" |
NAMING.CVN-4 |
|
210:
|
The length of the identifier "b" is less than the minimum length (2) |
NAMING.LLI-4 |
|
211:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
211:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
211:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
211:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
214:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
215:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
216:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
217:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
217:
|
Concatenating strings |
INTER.COS-5 |
|
217:
|
The String literal "no book with the id " is used |
SECURITY.WSC.SL-3 |
|
217:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
218:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
218:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
218:
|
The String literal " was found" is used |
SECURITY.WSC.SL-3 |
|
219:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
220:
|
Variable 'isbn' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
220:
|
The declaration of the local variable 'isbn' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
220:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
221:
|
Variable 'title' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
221:
|
The declaration of the local variable 'title' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
222:
|
The declaration of the local variable 'genre' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
222:
|
Variable 'genre' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
223:
|
Variable 'year' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
223:
|
The declaration of the local variable 'year' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
223:
|
Inspect usage of the 'Date' object 'year' |
SECURITY.BV.ADT-5 |
|
224:
|
The declaration of the local variable 'publisher' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
224:
|
Variable 'publisher' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
225:
|
Variable 'description' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
225:
|
The declaration of the local variable 'description' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
226:
|
The declaration of the local variable 'amount' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
226:
|
Variable 'amount' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
| +
|
227:
|
Duplicated code: "int stock = rs.getInt(NL_STOCK); S ..." |
CDD.DUPC-3 |
| |
|
[Line 227] Duplicated code in file 'BookStoreDB.java'
[Line 216] Duplicated code in file 'BookStoreDB.java' |
|
227:
|
Local constant not declared "final": stock |
CODSTA.READ.FLV-3 |
|
227:
|
Variable 'stock' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
227:
|
Variable 'stock' does not end with 'int' |
NAMING.UHN-4 |
|
227:
|
The declaration of the local variable 'stock' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
228:
|
Line is longer than 80 characters: 95 |
APSC_DV.003215.LL-3 |
|
228:
|
Line is longer than 80 characters: 95 |
FORMAT.LL-3 |
|
228:
|
Variable 'query2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
228:
|
The declaration of the local variable 'query2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
228:
|
Concatenating strings |
INTER.COS-5 |
|
228:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
228:
|
Non internationalized string: "SELECT " |
INTER.ITT-3 |
|
228:
|
The String literal "SELECT " is used |
SECURITY.WSC.SL-3 |
|
228:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
228:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
228:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
228:
|
The String literal " as " is used |
SECURITY.WSC.SL-3 |
|
228:
|
Non internationalized string: " as " |
INTER.ITT-3 |
|
229:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
229:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
229:
|
Non internationalized string: " FROM " |
INTER.ITT-3 |
|
229:
|
The String literal " FROM " is used |
SECURITY.WSC.SL-3 |
|
229:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
229:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
229:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
229:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
230:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
230:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
230:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
230:
|
Single character ',' using double quotes in string concatenation |
OPT.STR-3 |
|
230:
|
The String literal "," is used |
SECURITY.WSC.SL-3 |
|
231:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
231:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
231:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
232:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
232:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
232:
|
Non internationalized string: " WHERE " |
INTER.ITT-3 |
|
232:
|
The String literal " WHERE " is used |
SECURITY.WSC.SL-3 |
|
232:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
232:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
232:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
232:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
232:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
232:
|
Non internationalized string: " = ? AND " |
INTER.ITT-3 |
|
232:
|
The String literal " = ? AND " is used |
SECURITY.WSC.SL-3 |
|
233:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
233:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
233:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
233:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
233:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
233:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
233:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
233:
|
The String literal " = " is used |
SECURITY.WSC.SL-3 |
|
234:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
234:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
234:
|
field 'NL_TABLE_AUTHOR' is used multiple times |
MOBILE.ACFM-3 |
|
234:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
234:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
234:
|
field 'NL_ISBN' is used multiple times |
MOBILE.ACFM-3 |
|
234:
|
Non internationalized string: " AND " |
INTER.ITT-3 |
|
234:
|
The String literal " AND " is used |
SECURITY.WSC.SL-3 |
|
235:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
235:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
235:
|
field 'NL_TABLE_BOOK' is used multiple times |
MOBILE.ACFM-3 |
|
235:
|
Field 'NL_TABLE_BOOK' is accessed very frequently; try using a local variable as a buffer |
MOBILE.J2ME.EAOF-3 |
|
235:
|
Non internationalized string: ".publisher_id = " |
INTER.ITT-3 |
|
235:
|
The String literal ".publisher_id = " is used |
SECURITY.WSC.SL-3 |
|
236:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
236:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
236:
|
field 'NL_TABLE_PUBLISHER' is used multiple times |
MOBILE.ACFM-3 |
|
236:
|
Single character '.' using double quotes in string concatenation |
OPT.STR-3 |
|
236:
|
The String literal "." is used |
SECURITY.WSC.SL-3 |
|
236:
|
field 'NL_ID' is used multiple times |
MOBILE.ACFM-3 |
|
237:
|
interface type 'PreparedStatement' is used |
MOBILE.AUI-3 |
|
237:
|
JDBC resource 'stmt2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
237:
|
Variable 'stmt2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
237:
|
The declaration of the local variable 'stmt2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
238:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
238:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
238:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
238:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
239:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
239:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
239:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
239:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
| +
|
240:
|
Duplicated code: "stmt2.setInt(1, id); ResultSet rs2 ..." |
CDD.DUPC-3 |
| |
|
[Line 240] Duplicated code in file 'BookStoreDB.java'
[Line 229] Duplicated code in file 'BookStoreDB.java' |
|
241:
|
interface type 'ResultSet' is used |
MOBILE.AUI-3 |
|
241:
|
JDBC resource 'rs2' is not closed in a "finally" block |
JDBC.RRWD-1 |
|
241:
|
Variable 'rs2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
241:
|
The declaration of the local variable 'rs2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
242:
|
Variable 'more2' does not end with 'boolean' |
NAMING.UHN-4 |
|
242:
|
The declaration of the local variable 'more2' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
242:
|
Variable 'more2' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
243:
|
Variable 'authors' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
243:
|
The declaration of the local variable 'authors' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
243:
|
Consider using an 'ArrayList' instead of a 'Vector' here for efficiency |
OPT.SDLS-3 |
|
243:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
244:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
244:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
244:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
245:
|
The declaration of the local variable 'author' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
245:
|
field 'NL_AUTHOR_NAME' is used multiple times |
MOBILE.ACFM-3 |
|
246:
|
Calling synchronized method 'add' inside of a loop |
OPT.SYN-3 |
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
| +
|
246:
|
The "getString()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming true) *** Entering the loop
Point where tainted data is accessed
BookStoreDB.java (245): String author = rs2.getString(NL_AUTHOR_NAME);
Point where tainted data is used
BookStoreDB.java (246): authors.add(author); |
|
|
248:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
249:
|
Place the [] after the array type, not after the variable: arr |
APSC_DV.003215.IAD-3 |
|
249:
|
Place the [] after the array type, not after the variable: arr |
FORMAT.IAD-3 |
|
249:
|
Variable name 'arr' does not match user-specified regular expression '(s|List|Set|Array|Table)$' for array and collection
variables |
NAMING.NAC-3 |
|
249:
|
Variable 'arr' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
249:
|
The declaration of the local variable 'arr' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
249:
|
'OutOfMemoryError' should be caught for potentially large array allocations |
MOBILE.J2ME.OOME-3 |
|
250:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
250:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
250:
|
Variable 'i' does not end with 'int' |
NAMING.UHN-4 |
|
250:
|
'arr.length' should not be used in a loop condition expression |
MOBILE.J2ME.ARLL-3 |
|
250:
|
field 'length' is used multiple times |
MOBILE.ACFM-3 |
|
251:
|
Calling synchronized method 'elementAt' inside of a loop |
OPT.SYN-3 |
|
252:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
255:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
255:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
APSC_DV.002500.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
BD.SECURITY.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
CERT.IDS11.VPPD-1 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.352.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
CWE.79.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
| +
|
255:
|
The "getInt()" method returns tainted data that should be validated before use |
PCIDSS32.659.VPPD-2 |
| |
|
BookStoreDB.java (182): BookStoreDB db = getDBInstance();
BookStoreDB.java (50): if (db == null) { *** Condition evaluation: (db == null) (assuming false)
BookStoreDB.java (52): if (db.isClosed()) { *** Condition evaluation: db.isClosed() (assuming false)
BookStoreDB.java (55): return db;
BookStoreDB.java (183): String query = "SELECT " + NL_TABLE_BOOK + "." + NL_ID + "," +
BookStoreDB.java (200): PreparedStatement stmt = db.prepareStatement(query,
BookStoreDB.java (203): stmt.setInt(1, id);
BookStoreDB.java (204): ResultSet rs = stmt.executeQuery();
BookStoreDB.java (205): boolean exists = rs.first();
BookStoreDB.java (206): if (!exists) { *** Condition evaluation: !exists (assuming false)
BookStoreDB.java (220): String isbn = rs.getString(NL_ISBN);
BookStoreDB.java (221): String title = rs.getString(NL_TITLE);
BookStoreDB.java (222): String genre = rs.getString(NL_GENRE);
BookStoreDB.java (223): Date year = rs.getDate(NL_YEAR);
BookStoreDB.java (224): String publisher = rs.getString(NL_PUBLISHER_NAME);
BookStoreDB.java (225): String description = rs.getString(NL_DESCRIPTION);
BookStoreDB.java (226): BigDecimal amount = rs.getBigDecimal(NL_PRICE);
Point where tainted data is accessed
BookStoreDB.java (227): int stock = rs.getInt(NL_STOCK);
BookStoreDB.java (228): String query2 = "SELECT " + NL_TABLE_AUTHOR + "." + NL_NAME + " as " + NL_AUTHOR_NAME +
BookStoreDB.java (237): PreparedStatement stmt2 = db.prepareStatement(query2,
BookStoreDB.java (240): stmt2.setInt(1, id);
BookStoreDB.java (241): ResultSet rs2 = stmt2.executeQuery();
BookStoreDB.java (242): boolean more2 = rs2.first();
BookStoreDB.java (243): Vector<String> authors = new Vector<>();
BookStoreDB.java (244): while (more2) { *** Loop condition evaluation: more2 (assuming false) *** Not entering the loop
BookStoreDB.java (249): String arr[] = new String[authors.size()];
BookStoreDB.java (250): for (int i = 0; i < arr.length; ++i) { *** Loop condition evaluation: (i < arr.length) (assuming false) *** Not entering the loop
BookStoreDB.java (253): stmt.close();
Point where tainted data is used
BookStoreDB.java (255): new ProductInfo(id, title, amount, stock) |
|
|
258:
|
No JUnit test method defined for 'addNewItem()' |
JUNIT.TEST-2 |
|
258:
|
Missing Javadoc comment for method 'addNewItem()' |
JAVADOC.PJDM-3 |
|
258:
|
Globally unused "public" method: addNewItem() |
GLOBAL.UPPM-4 |
|
258:
|
Formal parameter 'tempbook' is not declared as final |
CODSTA.BP.FPF-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
APSC_DV.001460.NTX-2 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CERT.ERR07.NTX-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CODSTA.BP.NTX-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
CWE.397.NTX-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2017.A6.NTX-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2021.A5.NTX-3 |
|
258:
|
Throwing explicit 'Exception' object in 'addNewItem()' |
OWASP2019.API7.NTX-5 |
|
259:
|
Lazy initialization is not thread-safe: addedBooks |
CERT.MSC07.ILI-3 |
|
259:
|
Lazy initialization is not thread-safe: addedBooks |
CWE.543.ILI-3 |
|
259:
|
Lazy initialization is not thread-safe: addedBooks |
TRS.ILI-3 |
|
259:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
259:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
260:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
CERT.LCK05.IASF-3 |
|
260:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
CWE.543.IASF-3 |
|
260:
|
This code may not be thread-safe; setting and accessing the field 'addedBooks' may require synchronization |
TRS.IASF-3 |
|
260:
|
Hashtable 'addedBooks' may have improved performance as a ConcurrentHashMap |
TRS.CHM-5 |
|
260:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
261:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
262:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
262:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
263:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
263:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
263:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
263:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
263:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
263:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
263:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
263:
|
Concatenating strings |
INTER.COS-5 |
|
263:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
263:
|
The String literal "Too many books (" is used |
SECURITY.WSC.SL-3 |
|
263:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
264:
|
Line is longer than 80 characters: 160 |
APSC_DV.003215.LL-3 |
|
264:
|
Line is longer than 80 characters: 160 |
FORMAT.LL-3 |
|
264:
|
The String literal ") have been added already. Added books are removed as soon as the session of the user who added them expires,
after 20 minutes of inactivity" is used |
SECURITY.WSC.SL-3 |
|
265:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
266:
|
Line is longer than 80 characters: 95 |
APSC_DV.003215.LL-3 |
|
266:
|
Line is longer than 80 characters: 95 |
FORMAT.LL-3 |
|
266:
|
Unnecessary instantiation of 'Integer' object |
OPT.PRIM-3 |
|
266:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
266:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
267:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
270:
|
No JUnit test method defined for 'clearAddedBooks()' |
JUNIT.TEST-2 |
|
270:
|
Missing Javadoc comment for method 'clearAddedBooks()' |
JAVADOC.PJDM-3 |
|
270:
|
Globally unused "public" method: clearAddedBooks() |
GLOBAL.UPPM-4 |
|
270:
|
"synchronized" modifier used in method declaration: clearAddedBooks() |
TRS.NSM-5 |
|
270:
|
Formal parameter 'tempbook' is not declared as final |
CODSTA.BP.FPF-3 |
|
271:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
271:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
272:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
273:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
273:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
274:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
277:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
277:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/BookStoreMemoryDB.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'BookStoreMemoryDB' |
JAVADOC.ECTT-3 |
|
8:
|
Globally unused "public" class: com.parasoft.bookstore2.BookStoreMemoryDB |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: BookStoreMemoryDB |
JAVADOC.MAJDT-4 |
|
8:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"public" class without an '@invariant' contract: BookStoreMemoryDB |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: BookStoreMemoryDB |
JAVADOC.MVJDT-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
The 'db' field of the immutable class is not declared final |
SECURITY.WSC.FIMU-4 |
|
17:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
17:
|
Constructor 'BookStoreMemoryDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
EXCEPT.EPNFC-3 |
|
17:
|
Missing Javadoc tag '@since' for method 'BookStoreMemoryDB()' |
JAVADOC.ECTM-3 |
|
17:
|
The constructor 'BookStoreMemoryDB' is more accessible than the constructor in its superclass |
SECURITY.WSC.AMA-3 |
|
17:
|
Constructor 'BookStoreMemoryDB()' should be declared "private" |
CWE.749.DPPM-4 |
|
17:
|
Constructor 'BookStoreMemoryDB()' should be declared "private" |
GLOBAL.DPPM-4 |
|
17:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
17:
|
"public" method without a '@post' contract: BookStoreMemoryDB () |
DBC.PUBMPOST-3 |
|
17:
|
"public" method without a '@pre' contract: BookStoreMemoryDB |
DBC.PUBMPRE-3 |
|
17:
|
This constructor for class 'BookStoreMemoryDB' does not need to be explicitly defined |
PB.USC.EPC-3 |
|
17:
|
Constructor 'BookStoreMemoryDB' throws 'SQLException, InstantiationException, IllegalAccessException, ClassNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
17:
|
No JUnit test method defined for 'BookStoreMemoryDB()' |
JUNIT.TEST-2 |
|
18:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
18:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
22:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
22:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
27:
|
No JUnit test method defined for 'getDBInstance()' |
JUNIT.TEST-2 |
|
27:
|
Elements in 'BookStoreMemoryDB' not ordered appropriately, first violation: method 'getDBInstance' at line 27 should be placed
before constructor 'BookStoreMemoryDB' at line 11 |
CODSTA.ORG.FO-3 |
|
27:
|
The method 'getDBInstance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
27:
|
Missing Javadoc comment for method 'getDBInstance()' |
JAVADOC.PJDM-3 |
|
27:
|
Globally unused "public" method: getDBInstance() |
GLOBAL.UPPM-4 |
|
28:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
28:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
32:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
32:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
CERT.MSC07.ILI-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
CWE.543.ILI-3 |
|
33:
|
Lazy initialization is not thread-safe: db |
TRS.ILI-3 |
|
33:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
33:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CERT.LCK05.IASF-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
CWE.543.IASF-3 |
|
34:
|
This code may not be thread-safe; setting and accessing the field 'db' may require synchronization |
TRS.IASF-3 |
|
35:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
38:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
38:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/CartManager.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
8:
|
"import java.util.concurrent.ConcurrentHashMap" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
8:
|
"import java.util.concurrent.ConcurrentHashMap" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
8:
|
"import" not presented in alphabetical order: java.util.concurrent.ConcurrentHashMap |
CODSTA.ORG.ORIMP-5 |
|
9:
|
"import java.util.concurrent.atomic.AtomicInteger" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
9:
|
"import java.util.concurrent.atomic.AtomicInteger" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
11:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
11:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
11:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
11:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
CartManager has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
11:
|
getter method without an @invariant contract: getCart() |
DBC.IGM-3 |
|
11:
|
getter method without an @invariant contract: getCartId() |
DBC.IGM-3 |
|
11:
|
getter method without an @invariant contract: getItem() |
DBC.IGM-3 |
|
11:
|
Missing Javadoc comment for 'CartManager' |
JAVADOC.PJDC-3 |
|
11:
|
Public clone method missing |
OOP.MUCOP-3 |
|
11:
|
Static creation method missing |
OOP.MUCOP-3 |
|
11:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
11:
|
Globally unused "public" class: com.parasoft.bookstore2.CartManager |
GLOBAL.UPPC-4 |
|
11:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
11:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
11:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
11:
|
Number of Javadoc comments are below thresholds (%): 10.0 |
METRICS.PJDC-3 |
|
11:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
12:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
12:
|
Constant value should be declared "final": cartIdToOrderMap |
CODSTA.READ.FF-3 |
|
12:
|
Found "static" variable of type "Map" or "Collection": 'cartIdToOrderMap' |
GC.STV-3 |
|
13:
|
Line is longer than 80 characters: 83 |
APSC_DV.003215.LL-3 |
|
13:
|
Line is longer than 80 characters: 83 |
FORMAT.LL-3 |
|
13:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
13:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
13:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Constant value should be declared "final": generatedNewCartId |
CODSTA.READ.FF-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
16:
|
Missing 'getList()' method for field 'list' |
BEAN.NFM-4 |
|
16:
|
Missing 'setList()' method for field 'list' |
BEAN.NFM-4 |
|
18:
|
No JUnit test method defined for 'CartManager()' |
JUNIT.TEST-2 |
|
18:
|
Missing Javadoc comment for method 'CartManager()' |
JAVADOC.PJDM-3 |
|
18:
|
Field 'cartId', declared on line 15, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
18:
|
Field 'list', declared on line 16, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
22:
|
Constructor 'CartManager' throws 'Exception' |
CERT.OBJ11.EPNFC-1 |
|
22:
|
No JUnit test method defined for 'CartManager()' |
JUNIT.TEST-2 |
|
22:
|
Constructor 'CartManager' throws 'Exception' |
EXCEPT.EPNFC-3 |
|
22:
|
Missing Javadoc comment for method 'CartManager()' |
JAVADOC.PJDM-3 |
|
22:
|
Method 'CartManager' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
22:
|
Globally unused "public" constructor CartManager() |
GLOBAL.UPPM-4 |
|
22:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
22:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
22:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
22:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2019.API7.NTX-5 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
APSC_DV.001460.NTX-2 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CERT.ERR07.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CODSTA.BP.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
CWE.397.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2017.A6.NTX-3 |
|
22:
|
Throwing explicit 'Exception' object in 'CartManager()' |
OWASP2021.A5.NTX-3 |
|
23:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
23:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
23:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
24:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
24:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
24:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
24:
|
Concatenating strings |
INTER.COS-5 |
|
24:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
24:
|
The String literal "cartId: " is used |
SECURITY.WSC.SL-3 |
|
25:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
25:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
25:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
25:
|
The String literal " doesn't exist." is used |
SECURITY.WSC.SL-3 |
|
26:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
27:
|
Calling the method 'setCartId()' in the constructor could cause an unexpected NullPointerException |
CODSTA.EPC.NCNFC-2 |
|
27:
|
Non-"final", non-"static", and non-"private" method 'setCartId()' called from inside constructor 'CartManager' |
PB.CUB.CTOR-4 |
|
28:
|
Non-"final", non-"static", and non-"private" method 'setItem()' called from inside constructor 'CartManager' |
PB.CUB.CTOR-4 |
|
28:
|
Calling the method 'setItem()' in the constructor could cause an unexpected NullPointerException |
CODSTA.EPC.NCNFC-2 |
|
28:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
31:
|
No JUnit test method defined for 'addNewItemToCart()' |
JUNIT.TEST-2 |
|
31:
|
Missing Javadoc comment for method 'addNewItemToCart()' |
JAVADOC.PJDM-3 |
|
31:
|
Globally unused "public" method: addNewItemToCart() |
GLOBAL.UPPM-4 |
|
31:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
32:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
32:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
32:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
32:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
32:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
34:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
37:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
37:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
37:
|
No JUnit test method defined for 'addExistingItemToCart()' |
JUNIT.TEST-2 |
|
37:
|
The method 'addExistingItemToCart' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
37:
|
Missing Javadoc comment for method 'addExistingItemToCart()' |
JAVADOC.PJDM-3 |
|
37:
|
Method 'addExistingItemToCart' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
37:
|
Globally unused "public" method: addExistingItemToCart() |
GLOBAL.UPPM-4 |
|
37:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
37:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
37:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
37:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
37:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
APSC_DV.001460.NTX-2 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CERT.ERR07.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CODSTA.BP.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
CWE.397.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2017.A6.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2021.A5.NTX-3 |
|
37:
|
Throwing explicit 'Exception' object in 'addExistingItemToCart()' |
OWASP2019.API7.NTX-5 |
|
39:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
39:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
39:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
39:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
40:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
40:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
40:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
40:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
40:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
41:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
41:
|
The declaration of the local variable 'iterator' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
42:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
42:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
42:
|
Local constant not declared "final": found |
CODSTA.READ.FLV-3 |
|
43:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
43:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
43:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
44:
|
Variable name 'o' is not of type "java.lang.Object" |
NAMING.CVN-4 |
|
44:
|
The length of the identifier "o" is less than the minimum length (2) |
NAMING.LLI-4 |
|
45:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
46:
|
Line is longer than 80 characters: 96 |
APSC_DV.003215.LL-3 |
|
46:
|
Line is longer than 80 characters: 96 |
FORMAT.LL-3 |
|
46:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
46:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
46:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
46:
|
The return value of 'getBook()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
46:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
50:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
51:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
52:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
52:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
55:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
56:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
56:
|
Do not use trailing comments |
APSC_DV.003215.TC-3 |
|
56:
|
Do not use trailing comments |
FORMAT.TC-3 |
|
57:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
57:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
57:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
57:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
57:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
57:
|
Concatenating strings |
INTER.COS-5 |
|
57:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
57:
|
The String literal "An order with Cart Id " is used |
SECURITY.WSC.SL-3 |
|
57:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
57:
|
The String literal " does not exist!" is used |
SECURITY.WSC.SL-3 |
|
58:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
62:
|
Line is longer than 80 characters: 92 |
APSC_DV.003215.LL-3 |
|
62:
|
Line is longer than 80 characters: 92 |
FORMAT.LL-3 |
|
62:
|
No JUnit test method defined for 'updateExistingItem()' |
JUNIT.TEST-2 |
|
62:
|
The method 'updateExistingItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
62:
|
Missing Javadoc comment for method 'updateExistingItem()' |
JAVADOC.PJDM-3 |
|
62:
|
Method 'updateExistingItem' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
62:
|
Globally unused "public" method: updateExistingItem() |
GLOBAL.UPPM-4 |
|
62:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
62:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
62:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Variable 'itemId' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Formal parameter 'itemId' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
62:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2019.API7.NTX-5 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
APSC_DV.001460.NTX-2 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CERT.ERR07.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CODSTA.BP.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
CWE.397.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2017.A6.NTX-3 |
|
62:
|
Throwing explicit 'Exception' object in 'updateExistingItem()' |
OWASP2021.A5.NTX-3 |
|
64:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
64:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
64:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
64:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
65:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
65:
|
The local variable 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
65:
|
Local variable 'list' has the same name as a field |
OOP.HMF-3 |
|
65:
|
The declaration of the local variable 'list' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
65:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
66:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
66:
|
The declaration of the local variable 'iterator' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
67:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
67:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
67:
|
Local constant not declared "final": found |
CODSTA.READ.FLV-3 |
|
68:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
68:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
68:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
69:
|
The declaration of the local variable 'order' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
70:
|
The declaration of the local variable 'book' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
71:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
71:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
71:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
72:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
72:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
72:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
73:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
73:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
73:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
73:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
73:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
73:
|
Concatenating strings |
INTER.COS-5 |
|
73:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
73:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
74:
|
Indentation should be 28 (or 36) spaces |
APSC_DV.003215.IND-3 |
|
74:
|
Indentation should be 28 (or 36) spaces |
FORMAT.IND-3 |
|
74:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
74:
|
The String literal ", " is used |
SECURITY.WSC.SL-3 |
|
74:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
74:
|
The String literal " is greater than " is used |
SECURITY.WSC.SL-3 |
|
75:
|
Line is longer than 80 characters: 102 |
APSC_DV.003215.LL-3 |
|
75:
|
Line is longer than 80 characters: 102 |
FORMAT.LL-3 |
|
75:
|
Indentation should be 28 (or 36) spaces |
APSC_DV.003215.IND-3 |
|
75:
|
Indentation should be 28 (or 36) spaces |
FORMAT.IND-3 |
|
75:
|
The String literal "the quantity in stock: " is used |
SECURITY.WSC.SL-3 |
|
75:
|
The return value of 'getProductInfo()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
75:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
76:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
80:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
81:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
| +
|
82:
|
Condition "!found" always evaluates to true |
BD.PB.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.561.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.570.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
| +
|
82:
|
Condition "!found" always evaluates to true |
CWE.571.CC-2 |
| |
|
Start of the path
CartManager.java (62): updateExistingItem(int cartId, int itemId, int quantity) throws Exception
CartManager.java (64): if (cartIdToOrderMap.containsKey(cartId)) { *** Condition evaluation: cartIdToOrderMap.containsKey(cartId) (assuming true)
CartManager.java (65): List<Order> list = cartIdToOrderMap.get(cartId);
CartManager.java (66): Iterator<Order> iterator = list.iterator();
CartManager.java (67): boolean found = false;
CartManager.java (68): while (iterator.hasNext()) { *** Loop condition evaluation: iterator.hasNext() (assuming false) *** Not entering the loop
Point where senseless condition is used
CartManager.java (82): if (!found) { |
|
|
82:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
82:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
83:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
83:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
83:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
83:
|
Concatenating strings |
INTER.COS-5 |
|
83:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
83:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
84:
|
Indentation should be 20 (or 28) spaces |
APSC_DV.003215.IND-3 |
|
84:
|
Indentation should be 20 (or 28) spaces |
FORMAT.IND-3 |
|
84:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
84:
|
The String literal ", order does not exist." is used |
SECURITY.WSC.SL-3 |
|
85:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
86:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
86:
|
Do not use trailing comments |
APSC_DV.003215.TC-3 |
|
86:
|
Do not use trailing comments |
FORMAT.TC-3 |
|
87:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
87:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
87:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
87:
|
Concatenating strings |
INTER.COS-5 |
|
87:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
87:
|
The String literal "Did not update order with cartId " is used |
SECURITY.WSC.SL-3 |
|
87:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
88:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
88:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
88:
|
The String literal ", itemId " is used |
SECURITY.WSC.SL-3 |
|
88:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
88:
|
The String literal " does not exist in the order." is used |
SECURITY.WSC.SL-3 |
|
89:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
102:
|
No JUnit test method defined for 'getCartSize()' |
JUNIT.TEST-2 |
|
102:
|
Missing Javadoc tag '@since' for method 'getCartSize()' |
JAVADOC.ECTM-3 |
|
102:
|
Globally unused "public" method: getCartSize() |
GLOBAL.UPPM-4 |
|
102:
|
"public" method without a '@post' contract: getCartSize () |
DBC.PUBMPOST-3 |
|
102:
|
"public" method without a '@pre' contract: getCartSize |
DBC.PUBMPRE-3 |
|
112:
|
Misspelled word 'ites' |
JAVADOC.SPELL-3 |
|
113:
|
This '@return' tag does not contain a meaningful description of the method's return value |
JAVADOC.MDJT-3 |
|
116:
|
No JUnit test method defined for 'getCartSize()' |
JUNIT.TEST-2 |
|
116:
|
Missing Javadoc tag '@since' for method 'getCartSize()' |
JAVADOC.ECTM-3 |
|
116:
|
Method 'getCartSize' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
116:
|
Globally unused "public" method: getCartSize() |
GLOBAL.UPPM-4 |
|
116:
|
"public" method without a '@post' contract: getCartSize () |
DBC.PUBMPOST-3 |
|
116:
|
"public" method without a '@pre' contract: getCartSize |
DBC.PUBMPRE-3 |
|
116:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
116:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
116:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
116:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2019.API7.NTX-5 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
APSC_DV.001460.NTX-2 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CERT.ERR07.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CODSTA.BP.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
CWE.397.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2017.A6.NTX-3 |
|
116:
|
Throwing explicit 'Exception' object in 'getCartSize()' |
OWASP2021.A5.NTX-3 |
|
117:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
117:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
117:
|
'cartIdToOrderMap' calls "containsKey()" and then "get()" |
OPT.AUMO-3 |
|
117:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
118:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
119:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
120:
|
Avoid throwing 'Exception' |
APSC_DV.001460.NTERR-2 |
|
120:
|
Avoid throwing 'Exception' |
CERT.ERR07.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
CWE.397.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
EXCEPT.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2017.A6.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2021.A5.NTERR-3 |
|
120:
|
Avoid throwing 'Exception' |
OWASP2019.API7.NTERR-5 |
|
120:
|
Concatenating strings |
INTER.COS-5 |
|
120:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
120:
|
The String literal "cartId: " is used |
SECURITY.WSC.SL-3 |
|
121:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
121:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
121:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
121:
|
The String literal " doesn't exist." is used |
SECURITY.WSC.SL-3 |
|
124:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
124:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
124:
|
No JUnit test method defined for 'getCart()' |
JUNIT.TEST-2 |
|
124:
|
The method 'getCart' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
124:
|
Missing Javadoc comment for method 'getCart()' |
JAVADOC.PJDM-3 |
|
124:
|
Globally unused "public" method: getCart() |
GLOBAL.UPPM-4 |
|
128:
|
No JUnit test method defined for 'removeEmptyMappings()' |
JUNIT.TEST-2 |
|
128:
|
Missing Javadoc comment for method 'removeEmptyMappings()' |
JAVADOC.PJDM-3 |
|
128:
|
Globally unused "public" method: removeEmptyMappings() |
GLOBAL.UPPM-4 |
|
129:
|
Line is longer than 80 characters: 95 |
APSC_DV.003215.LL-3 |
|
129:
|
Line is longer than 80 characters: 95 |
FORMAT.LL-3 |
|
129:
|
interface type 'Iterator' is used |
MOBILE.AUI-3 |
|
129:
|
interface type 'Entry' is used |
MOBILE.AUI-3 |
|
129:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
129:
|
The declaration of the local variable 'itr' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
130:
|
Consider using a "for" loop here |
CODSTA.READ.PFL-5 |
|
130:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
130:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
131:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
131:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
133:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
134:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
137:
|
No JUnit test method defined for 'removeOrder()' |
JUNIT.TEST-2 |
|
137:
|
Missing Javadoc comment for method 'removeOrder()' |
JAVADOC.PJDM-3 |
|
137:
|
Method 'removeOrder' performs compound action on "synchronized" collection 'cartIdToOrderMap' |
TRS.CMA-3 |
|
137:
|
Globally unused "public" method: removeOrder() |
GLOBAL.UPPM-4 |
|
137:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
137:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
137:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
137:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
138:
|
Variable 'found' does not end with 'boolean' |
NAMING.UHN-4 |
|
138:
|
The declaration of the local variable 'found' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
139:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
139:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
139:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
140:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
142:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
146:
|
No JUnit test method defined for 'setCartId()' |
JUNIT.TEST-2 |
|
146:
|
Method 'setCartId()' should be declared "private" |
CWE.749.DPPM-4 |
|
146:
|
Method 'setCartId()' should be declared "private" |
GLOBAL.DPPM-4 |
|
146:
|
Method 'setCartId()' should be declared "final" |
GLOBAL.SPPM-5 |
|
146:
|
Setter method 'setCartId()' is not declared "final" |
OPT.MAF-5 |
|
146:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
146:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
146:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
146:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
150:
|
No JUnit test method defined for 'getCartId()' |
JUNIT.TEST-2 |
|
150:
|
Globally unused "public" method: getCartId() |
GLOBAL.UPPM-4 |
|
150:
|
Getter method 'getCartId()' is not declared "final" |
OPT.MAF-5 |
|
154:
|
Setter method 'setItem()' is not declared "final" |
OPT.MAF-5 |
|
154:
|
No JUnit test method defined for 'setItem()' |
JUNIT.TEST-2 |
|
154:
|
Missing Javadoc comment for method 'setItem()' |
JAVADOC.PJDM-3 |
|
154:
|
Method 'setItem()' should be declared "private" |
CWE.749.DPPM-4 |
|
154:
|
Method 'setItem()' should be declared "private" |
GLOBAL.DPPM-4 |
|
154:
|
Method 'setItem()' should be declared "final" |
GLOBAL.SPPM-5 |
|
154:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
154:
|
Formal parameter 'list' is not declared as final |
CODSTA.BP.FPF-3 |
|
154:
|
The parameter 'list' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
154:
|
Parameter 'list' has the same name as a field |
OOP.HMF-3 |
|
158:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
158:
|
No JUnit test method defined for 'getItem()' |
JUNIT.TEST-2 |
|
158:
|
The method 'getItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
158:
|
Missing Javadoc comment for method 'getItem()' |
JAVADOC.PJDM-3 |
|
158:
|
Globally unused "public" method: getItem() |
GLOBAL.UPPM-4 |
|
158:
|
Getter method 'getItem()' is not declared "final" |
OPT.MAF-5 |
|
162:
|
No JUnit test method defined for 'getStaticCart_Id()' |
JUNIT.TEST-2 |
|
162:
|
Missing Javadoc comment for method 'getStaticCart_Id()' |
JAVADOC.PJDM-3 |
|
162:
|
Globally unused "public" method: getStaticCart_Id() |
GLOBAL.UPPM-4 |
|
165:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
165:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/CartTimer.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Missing Javadoc comment for 'CartTimer' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
Globally unused "public" class: com.parasoft.bookstore2.CartTimer |
GLOBAL.UPPC-4 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
5:
|
"class" missing a no argument constructor: CartTimer |
CODSTA.POD.DCTOR-5 |
|
5:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
5:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
6:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
6:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
The method 'run()' does not contain a "try"/"catch" block which catches all possible "Throwable" objects |
EXCEPT.CATO-2 |
|
7:
|
No JUnit test method defined for 'run()' |
JUNIT.TEST-2 |
|
7:
|
Missing Javadoc comment for method 'run()' |
JAVADOC.PJDM-3 |
|
8:
|
Define and reuse a constant for immutable object: 'new CartService()' |
GC.RCO-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/DisplayOrder.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
DisplayOrder has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
3:
|
getter method without an @invariant contract: getItem() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getCartId() |
DBC.IGM-3 |
|
3:
|
Missing Javadoc comment for 'DisplayOrder' |
JAVADOC.PJDC-3 |
|
3:
|
Public clone method missing |
OOP.MUCOP-3 |
|
3:
|
Static creation method missing |
OOP.MUCOP-3 |
|
3:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
3:
|
Globally unused "public" class: com.parasoft.bookstore2.DisplayOrder |
GLOBAL.UPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
No JUnit test method defined for 'DisplayOrder()' |
JUNIT.TEST-2 |
|
7:
|
Missing Javadoc comment for method 'DisplayOrder()' |
JAVADOC.PJDM-3 |
|
7:
|
Field 'item', declared on line 5, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
7:
|
Field 'cartId', declared on line 4, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
11:
|
No JUnit test method defined for 'DisplayOrder()' |
JUNIT.TEST-2 |
|
11:
|
Missing Javadoc comment for method 'DisplayOrder()' |
JAVADOC.PJDM-3 |
|
11:
|
Globally unused "public" constructor DisplayOrder() |
GLOBAL.UPPM-4 |
|
11:
|
Formal parameter 'order' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ05.SMO-1 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ06.SMO-2 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
CERT.OBJ04.SMO-3 |
|
12:
|
This assignment may store the original parameter 'order' rather than a copy of the parameter into the field 'item' |
SECURITY.EAB.SMO-3 |
|
16:
|
No JUnit test method defined for 'getItem()' |
JUNIT.TEST-2 |
|
16:
|
The method 'getItem' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
16:
|
Globally unused "public" method: getItem() |
GLOBAL.UPPM-4 |
|
16:
|
Getter method 'getItem()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
Setter method 'setItem()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'setItem()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: setItem() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'item' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'item' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'item' has the same name as a field |
OOP.HMF-3 |
|
24:
|
No JUnit test method defined for 'getCartId()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: getCartId() |
GLOBAL.UPPM-4 |
|
24:
|
Getter method 'getCartId()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Setter method 'setCartId()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'setCartId()' |
JUNIT.TEST-2 |
|
28:
|
Globally unused "public" method: setCartId() |
GLOBAL.UPPM-4 |
|
28:
|
Formal parameter 'cartId' is not declared as final |
CODSTA.BP.FPF-3 |
|
28:
|
The parameter 'cartId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
28:
|
Parameter 'cartId' has the same name as a field |
OOP.HMF-3 |
|
28:
|
Variable 'cartId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/ItemNotFoundException.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Missing Javadoc comment for 'ItemNotFoundException' |
JAVADOC.PJDC-3 |
|
3:
|
ItemNotFoundException implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
3:
|
Class 'com.parasoft.bookstore2.ItemNotFoundException' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
3:
|
Class 'com.parasoft.bookstore2.ItemNotFoundException' should be declared "final" |
GLOBAL.SPPC-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
"class" missing a no argument constructor: ItemNotFoundException |
CODSTA.POD.DCTOR-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
No JUnit test method defined for 'ItemNotFoundException()' |
JUNIT.TEST-2 |
|
8:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
8:
|
Missing Javadoc comment for method 'ItemNotFoundException()' |
JAVADOC.PJDM-3 |
|
8:
|
Constructor 'ItemNotFoundException()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
8:
|
Constructor 'ItemNotFoundException()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
8:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
8:
|
Formal parameter 'msg' is not declared as final |
CODSTA.BP.FPF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/Order.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
getter method without an @invariant contract: getBook() |
DBC.IGM-3 |
|
5:
|
getter method without an @invariant contract: getQuantity() |
DBC.IGM-3 |
|
5:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
5:
|
Missing Javadoc comment for 'Order' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
Class 'com.parasoft.bookstore2.Order' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
Class 'com.parasoft.bookstore2.Order' should be declared "final" |
GLOBAL.SPPC-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
5:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
5:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Missing 'setTimestamp()' method for field 'timestamp' |
BEAN.NFM-4 |
|
8:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
10:
|
No JUnit test method defined for 'Order()' |
JUNIT.TEST-2 |
|
10:
|
Missing Javadoc comment for method 'Order()' |
JAVADOC.PJDM-3 |
|
11:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
14:
|
No JUnit test method defined for 'Order()' |
JUNIT.TEST-2 |
|
14:
|
Missing Javadoc comment for method 'Order()' |
JAVADOC.PJDM-3 |
|
14:
|
Constructor 'Order()' should be declared "private" |
CWE.749.DPPM-4 |
|
14:
|
Constructor 'Order()' should be declared "private" |
GLOBAL.DPPM-4 |
|
14:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
14:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
14:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
The parameter 'quantity' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
14:
|
Parameter 'quantity' has the same name as a field |
OOP.HMF-3 |
|
14:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
14:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
14:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
14:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
20:
|
No JUnit test method defined for 'getBook()' |
JUNIT.TEST-2 |
|
20:
|
The method 'getBook' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
20:
|
Method 'getBook()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
20:
|
Method 'getBook()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
20:
|
Method 'getBook()' should be declared "final" |
GLOBAL.SPPM-5 |
|
20:
|
Getter method 'getBook()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
Setter method 'setBook()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
No JUnit test method defined for 'setBook()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: setBook() |
GLOBAL.UPPM-4 |
|
24:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
28:
|
No JUnit test method defined for 'getQuantity()' |
JUNIT.TEST-2 |
|
28:
|
Method 'getQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
28:
|
Method 'getQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
28:
|
Method 'getQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
28:
|
Getter method 'getQuantity()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
Setter method 'setQuantity()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
No JUnit test method defined for 'setQuantity()' |
JUNIT.TEST-2 |
|
32:
|
Method 'setQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
32:
|
Method 'setQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
32:
|
Method 'setQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
32:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
32:
|
The parameter 'quantity' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
32:
|
Parameter 'quantity' has the same name as a field |
OOP.HMF-3 |
|
32:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
36:
|
No JUnit test method defined for 'modifyCount()' |
JUNIT.TEST-2 |
|
36:
|
Missing Javadoc comment for method 'modifyCount()' |
JAVADOC.PJDM-3 |
|
36:
|
Method 'modifyCount()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
36:
|
Method 'modifyCount()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
36:
|
Method 'modifyCount()' should be declared "final" |
GLOBAL.SPPM-5 |
|
36:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
36:
|
Variable 'amount' does not end with 'int' |
NAMING.UHN-4 |
|
40:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
40:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
40:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
44:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
44:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
44:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
44:
|
Method 'refreshTimestamp()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
44:
|
Method 'refreshTimestamp()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
44:
|
Method 'refreshTimestamp()' should be declared "final" |
GLOBAL.SPPM-5 |
|
45:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
48:
|
No JUnit test method defined for 'getDescription()' |
JUNIT.TEST-2 |
|
48:
|
The method 'getDescription' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
48:
|
Missing Javadoc comment for method 'getDescription()' |
JAVADOC.PJDM-3 |
|
48:
|
Globally unused "public" method: getDescription() |
GLOBAL.UPPM-4 |
|
49:
|
Line is longer than 80 characters: 109 |
APSC_DV.003215.LL-3 |
|
49:
|
Line is longer than 80 characters: 109 |
FORMAT.LL-3 |
|
49:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
49:
|
Non internationalized string: "Order: " |
INTER.ITT-3 |
|
49:
|
Concatenating strings |
INTER.COS-5 |
|
49:
|
The String literal "Order: " is used |
SECURITY.WSC.SL-3 |
|
49:
|
The String literal " x" is used |
SECURITY.WSC.SL-3 |
|
49:
|
Non internationalized string: " x" |
INTER.ITT-3 |
|
49:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
49:
|
Non internationalized string: " on " |
INTER.ITT-3 |
|
49:
|
The String literal " on " is used |
SECURITY.WSC.SL-3 |
|
49:
|
Unnecessary call to "toString()" |
CODSTA.READ.AUTS-3 |
|
49:
|
Called 'toString()' on a 'Date' object |
INTER.DTS-4 |
|
51:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
51:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/ProductInfo.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.math.BigDecimal" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
6:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
6:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
6:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Serializable class 'ProductInfo' does not implement readObject() |
APSC_DV.001460.OROM-2 |
|
6:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
ProductInfo has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
6:
|
getter method without an @invariant contract: getName() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getId() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getStockQuantity() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getAmount() |
DBC.IGM-3 |
|
6:
|
Missing Javadoc comment for 'ProductInfo' |
JAVADOC.PJDC-3 |
|
6:
|
Public clone method missing |
OOP.MUCOP-3 |
|
6:
|
Static creation method missing |
OOP.MUCOP-3 |
|
6:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
6:
|
ProductInfo implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
6:
|
Class 'com.parasoft.bookstore2.ProductInfo' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
6:
|
Class 'com.parasoft.bookstore2.ProductInfo' should be declared "final" |
GLOBAL.SPPC-5 |
|
6:
|
Serializable class 'ProductInfo' does not implement readObject() |
OWASP2017.A8.OROM-5 |
|
6:
|
Serializable class 'ProductInfo' does not implement readObject() |
OWASP2021.A8.OROM-5 |
|
6:
|
Serializable class 'ProductInfo' does not implement readObject() |
SECURITY.EAB.OROM-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
Number of Javadoc comments are below thresholds (%): 6.0 |
METRICS.PJDC-3 |
|
6:
|
interface type 'Serializable' is used |
MOBILE.AUI-3 |
|
7:
|
Opening brace '{' is not on the same line as the type declaration |
APSC_DV.003215.FCB-3 |
|
7:
|
Opening brace '{' is not on the same line as the type declaration |
FORMAT.FCB-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Inspect field 'id' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
12:
|
Inspect field 'id' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
12:
|
Inspect field 'id' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
12:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Inspect field 'title' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
13:
|
Inspect field 'title' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
13:
|
Inspect field 'title' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
13:
|
Missing 'getTitle()' method for field 'title' |
BEAN.NFM-4 |
|
13:
|
Missing 'setTitle()' method for field 'title' |
BEAN.NFM-4 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
14:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
14:
|
Inspect field 'quantity_in_stock' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
14:
|
Missing 'getQuantity_in_stock()' method for field 'quantity_in_stock' |
BEAN.NFM-4 |
|
14:
|
Missing 'setQuantity_in_stock()' method for field 'quantity_in_stock' |
BEAN.NFM-4 |
|
14:
|
Variable 'quantity_in_stock' does not end with 'int' |
NAMING.UHN-4 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Inspect field 'amount' to ensure it will not expose sensitive data |
CWE.499.SIF-1 |
|
15:
|
Inspect field 'amount' to ensure it will not expose sensitive data |
SECURITY.ESD.SIF-1 |
|
15:
|
Inspect field 'amount' to ensure it will not expose sensitive data |
CERT.SER03.SIF-2 |
|
17:
|
No JUnit test method defined for 'ProductInfo()' |
JUNIT.TEST-2 |
|
17:
|
Missing Javadoc comment for method 'ProductInfo()' |
JAVADOC.PJDM-3 |
|
17:
|
Field 'title', declared on line 13, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
17:
|
Field 'id', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
17:
|
Field 'quantity_in_stock', declared on line 14, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
17:
|
Field 'amount', declared on line 15, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
17:
|
Overloaded constructors: 'ProductInfo' have different accessibilities |
CODSTA.BP.OCMA-5 |
|
21:
|
Constructor 'ProductInfo' throws 'ItemNotFoundException' |
CERT.OBJ11.EPNFC-1 |
|
21:
|
No JUnit test method defined for 'ProductInfo()' |
JUNIT.TEST-2 |
|
21:
|
Constructor 'ProductInfo' throws 'ItemNotFoundException' |
EXCEPT.EPNFC-3 |
|
21:
|
Constructor 'ProductInfo()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
21:
|
Constructor 'ProductInfo()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
21:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
21:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
21:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
21:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
21:
|
Formal parameter 'name' is not declared as final |
CODSTA.BP.FPF-3 |
|
21:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
21:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
21:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
21:
|
Formal parameter 'quantity' is not declared as final |
CODSTA.BP.FPF-3 |
|
21:
|
Variable 'quantity' does not end with 'int' |
NAMING.UHN-4 |
|
22:
|
Indentation should be 4 (or 12) spaces |
APSC_DV.003215.IND-3 |
|
22:
|
Indentation should be 4 (or 12) spaces |
FORMAT.IND-3 |
|
22:
|
Exception 'ItemNotFoundException' is not thrown in the body of method 'ProductInfo' |
GLOBAL.AUT-2 |
|
29:
|
No JUnit test method defined for 'getName()' |
JUNIT.TEST-2 |
|
29:
|
The method 'getName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
29:
|
Missing Javadoc comment for method 'getName()' |
JAVADOC.PJDM-3 |
|
29:
|
Method 'getName()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
29:
|
Method 'getName()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
29:
|
Method 'getName()' should be declared "final" |
GLOBAL.SPPM-5 |
|
29:
|
Getter method 'getName()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
Setter method 'setName()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
No JUnit test method defined for 'setName()' |
JUNIT.TEST-2 |
|
33:
|
Missing Javadoc comment for method 'setName()' |
JAVADOC.PJDM-3 |
|
33:
|
Globally unused "public" method: setName() |
GLOBAL.UPPM-4 |
|
33:
|
Formal parameter 'title' is not declared as final |
CODSTA.BP.FPF-3 |
|
33:
|
The parameter 'title' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
33:
|
Parameter 'title' has the same name as a field |
OOP.HMF-3 |
|
37:
|
No JUnit test method defined for 'getId()' |
JUNIT.TEST-2 |
|
37:
|
Method 'getId()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
37:
|
Method 'getId()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
37:
|
Method 'getId()' should be declared "final" |
GLOBAL.SPPM-5 |
|
37:
|
Getter method 'getId()' is not declared "final" |
OPT.MAF-5 |
|
41:
|
Setter method 'setId()' is not declared "final" |
OPT.MAF-5 |
|
41:
|
No JUnit test method defined for 'setId()' |
JUNIT.TEST-2 |
|
41:
|
Globally unused "public" method: setId() |
GLOBAL.UPPM-4 |
|
41:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
41:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
41:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
41:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
45:
|
No JUnit test method defined for 'getStockQuantity()' |
JUNIT.TEST-2 |
|
45:
|
Missing Javadoc comment for method 'getStockQuantity()' |
JAVADOC.PJDM-3 |
|
45:
|
Method 'getStockQuantity()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
45:
|
Method 'getStockQuantity()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
45:
|
Method 'getStockQuantity()' should be declared "final" |
GLOBAL.SPPM-5 |
|
45:
|
Getter method 'getStockQuantity()' is not declared "final" |
OPT.MAF-5 |
|
49:
|
Setter method 'setStockQuantity()' is not declared "final" |
OPT.MAF-5 |
|
49:
|
No JUnit test method defined for 'setStockQuantity()' |
JUNIT.TEST-2 |
|
49:
|
Missing Javadoc comment for method 'setStockQuantity()' |
JAVADOC.PJDM-3 |
|
49:
|
Globally unused "public" method: setStockQuantity() |
GLOBAL.UPPM-4 |
|
49:
|
Formal parameter 'quantity_in_stock' is not declared as final |
CODSTA.BP.FPF-3 |
|
49:
|
The parameter 'quantity_in_stock' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
49:
|
Parameter 'quantity_in_stock' has the same name as a field |
OOP.HMF-3 |
|
49:
|
Variable 'quantity_in_stock' does not end with 'int' |
NAMING.UHN-4 |
|
53:
|
No JUnit test method defined for 'getAmount()' |
JUNIT.TEST-2 |
|
53:
|
The method 'getAmount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
53:
|
Globally unused "public" method: getAmount() |
GLOBAL.UPPM-4 |
|
53:
|
Getter method 'getAmount()' is not declared "final" |
OPT.MAF-5 |
|
57:
|
Setter method 'setAmount()' is not declared "final" |
OPT.MAF-5 |
|
57:
|
No JUnit test method defined for 'setAmount()' |
JUNIT.TEST-2 |
|
57:
|
Method 'setAmount()' should be declared "private" |
CWE.749.DPPM-4 |
|
57:
|
Method 'setAmount()' should be declared "private" |
GLOBAL.DPPM-4 |
|
57:
|
Method 'setAmount()' should be declared "final" |
GLOBAL.SPPM-5 |
|
57:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
57:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
57:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
61:
|
No JUnit test method defined for 'inflateAmount()' |
JUNIT.TEST-2 |
|
61:
|
Missing Javadoc comment for method 'inflateAmount()' |
JAVADOC.PJDM-3 |
|
61:
|
Method 'inflateAmount()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
61:
|
Method 'inflateAmount()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
61:
|
Method 'inflateAmount()' should be declared "final" |
GLOBAL.SPPM-5 |
|
61:
|
Formal parameter 'inflate' is not declared as final |
CODSTA.BP.FPF-3 |
|
66:
|
The method 'toString' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
66:
|
Missing Javadoc comment for method 'toString()' |
JAVADOC.PJDM-3 |
|
66:
|
Missing Javadoc for 'toString()' |
JAVADOC.TSMJT-3 |
|
66:
|
Missing Javadoc for 'toString()' |
OWASP2019.API9.TSMJT-5 |
|
66:
|
Getter method 'toString()' is not declared "final" |
OPT.MAF-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/SubmittedOrder.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
SubmittedOrder has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
5:
|
getter method without an @invariant contract: getOrderTime() |
DBC.IGM-3 |
|
5:
|
getter method without an @invariant contract: getSuccess() |
DBC.IGM-3 |
|
5:
|
Missing Javadoc comment for 'SubmittedOrder' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
Globally unused "public" class: com.parasoft.bookstore2.SubmittedOrder |
GLOBAL.UPPC-4 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
5:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
5:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
6:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
6:
|
Missing 'isSuccessIndicator()' method for field 'successIndicator' |
BEAN.NFM-4 |
|
6:
|
Missing 'setSuccessIndicator()' method for field 'successIndicator' |
BEAN.NFM-4 |
|
6:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Missing 'getDate()' method for field 'date' |
BEAN.NFM-4 |
|
7:
|
Missing 'setDate()' method for field 'date' |
BEAN.NFM-4 |
|
7:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
9:
|
No JUnit test method defined for 'SubmittedOrder()' |
JUNIT.TEST-2 |
|
9:
|
Missing Javadoc comment for method 'SubmittedOrder()' |
JAVADOC.PJDM-3 |
|
9:
|
Field 'successIndicator', declared on line 6, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
9:
|
Field 'date', declared on line 7, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
13:
|
No JUnit test method defined for 'SubmittedOrder()' |
JUNIT.TEST-2 |
|
13:
|
Missing Javadoc comment for method 'SubmittedOrder()' |
JAVADOC.PJDM-3 |
|
13:
|
Globally unused "public" constructor SubmittedOrder() |
GLOBAL.UPPM-4 |
|
13:
|
Formal parameter 'successIndicator' is not declared as final |
CODSTA.BP.FPF-3 |
|
13:
|
The parameter 'successIndicator' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
13:
|
Parameter 'successIndicator' has the same name as a field |
OOP.HMF-3 |
|
13:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
13:
|
Formal parameter 'time' is not declared as final |
CODSTA.BP.FPF-3 |
|
13:
|
Variable 'time' does not end with 'long' |
NAMING.UHN-4 |
|
18:
|
No JUnit test method defined for 'setOrderTime()' |
JUNIT.TEST-2 |
|
18:
|
Missing Javadoc comment for method 'setOrderTime()' |
JAVADOC.PJDM-3 |
|
18:
|
Globally unused "public" method: setOrderTime() |
GLOBAL.UPPM-4 |
|
18:
|
Setter method 'setOrderTime()' is not declared "final" |
OPT.MAF-5 |
|
18:
|
Formal parameter 'date' is not declared as final |
CODSTA.BP.FPF-3 |
|
18:
|
The parameter 'date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
18:
|
Parameter 'date' has the same name as a field |
OOP.HMF-3 |
|
18:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
22:
|
No JUnit test method defined for 'getOrderTime()' |
JUNIT.TEST-2 |
|
22:
|
The method 'getOrderTime' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
22:
|
Missing Javadoc comment for method 'getOrderTime()' |
JAVADOC.PJDM-3 |
|
22:
|
Globally unused "public" method: getOrderTime() |
GLOBAL.UPPM-4 |
|
22:
|
Getter method 'getOrderTime()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
No JUnit test method defined for 'setSuccess()' |
JUNIT.TEST-2 |
|
26:
|
Missing Javadoc comment for method 'setSuccess()' |
JAVADOC.PJDM-3 |
|
26:
|
Globally unused "public" method: setSuccess() |
GLOBAL.UPPM-4 |
|
26:
|
Setter method 'setSuccess()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
Formal parameter 'successIndicator' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'successIndicator' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'successIndicator' has the same name as a field |
OOP.HMF-3 |
|
26:
|
Variable 'successIndicator' does not end with 'boolean' |
NAMING.UHN-4 |
|
30:
|
No JUnit test method defined for 'getSuccess()' |
JUNIT.TEST-2 |
|
30:
|
Missing Javadoc comment for method 'getSuccess()' |
JAVADOC.PJDM-3 |
|
30:
|
Name of "boolean" getter method 'getSuccess' does not match user-specified regular expression '^(is|can|has|have|are|was|contains).' |
NAMING.GETB-3 |
|
30:
|
Globally unused "public" method: getSuccess() |
GLOBAL.UPPM-4 |
|
30:
|
Getter method 'getSuccess()' is not declared "final" |
OPT.MAF-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/bookstore2/TempBook.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
3:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
3:
|
TempBook has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
3:
|
getter method without an @invariant contract: getTimestamp() |
DBC.IGM-3 |
|
3:
|
getter method without an @invariant contract: getBook() |
DBC.IGM-3 |
|
3:
|
Missing Javadoc comment for 'TempBook' |
JAVADOC.PJDC-3 |
|
3:
|
Public clone method missing |
OOP.MUCOP-3 |
|
3:
|
Static creation method missing |
OOP.MUCOP-3 |
|
3:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
3:
|
Class 'com.parasoft.bookstore2.TempBook' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
Class 'com.parasoft.bookstore2.TempBook' should be declared "final" |
GLOBAL.SPPC-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
5:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
5:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
7:
|
No JUnit test method defined for 'TempBook()' |
JUNIT.TEST-2 |
|
7:
|
Missing Javadoc comment for method 'TempBook()' |
JAVADOC.PJDM-3 |
|
7:
|
Field 'book', declared on line 4, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
7:
|
Field 'timestamp', declared on line 5, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
11:
|
No JUnit test method defined for 'TempBook()' |
JUNIT.TEST-2 |
|
11:
|
Missing Javadoc comment for method 'TempBook()' |
JAVADOC.PJDM-3 |
|
11:
|
Globally unused "public" constructor TempBook() |
GLOBAL.UPPM-4 |
|
11:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
11:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
16:
|
No JUnit test method defined for 'getTimestamp()' |
JUNIT.TEST-2 |
|
16:
|
Globally unused "public" method: getTimestamp() |
GLOBAL.UPPM-4 |
|
16:
|
Getter method 'getTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
Setter method 'setTimestamp()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'setTimestamp()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: setTimestamp() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'timestamp' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'timestamp' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'timestamp' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Variable 'timestamp' does not end with 'long' |
NAMING.UHN-4 |
|
24:
|
No JUnit test method defined for 'getBook()' |
JUNIT.TEST-2 |
|
24:
|
The method 'getBook' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Method 'getBook()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
24:
|
Method 'getBook()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
24:
|
Method 'getBook()' should be declared "final" |
GLOBAL.SPPM-5 |
|
24:
|
Getter method 'getBook()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Setter method 'setBook()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'setBook()' |
JUNIT.TEST-2 |
|
28:
|
Globally unused "public" method: setBook() |
GLOBAL.UPPM-4 |
|
28:
|
Formal parameter 'book' is not declared as final |
CODSTA.BP.FPF-3 |
|
28:
|
The parameter 'book' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
28:
|
Parameter 'book' has the same name as a field |
OOP.HMF-3 |
|
32:
|
No JUnit test method defined for 'refreshTimestamp()' |
JUNIT.TEST-2 |
|
32:
|
Missing Javadoc comment for method 'refreshTimestamp()' |
JAVADOC.PJDM-3 |
|
32:
|
Name of setter method 'refreshTimestamp' does not match user-specified regular expression '^set.' |
NAMING.SETA-3 |
|
32:
|
Method 'refreshTimestamp()' should be declared "package-private" |
CWE.749.DPPM-4 |
|
32:
|
Method 'refreshTimestamp()' should be declared "package-private" |
GLOBAL.DPPM-4 |
|
32:
|
Method 'refreshTimestamp()' should be declared "final" |
GLOBAL.SPPM-5 |
|
33:
|
Inspect that 'System.currentTimeMillis()' is used securely |
SECURITY.BV.ADT-5 |
|
35:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
35:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/AccountDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.Account |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Missing Javadoc tag '@since' for interface 'AccountDao' |
JAVADOC.ECTT-3 |
|
10:
|
The interface 'AccountDao' is never implemented |
GLOBAL.NIE-4 |
|
10:
|
Globally unused "public" interface: com.parasoft.parabank.dao.AccountDao |
GLOBAL.UPPC-4 |
|
10:
|
Missing '@author' Javadoc tag: AccountDao |
JAVADOC.MAJDT-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
Missing '@version' Javadoc tag: AccountDao |
JAVADOC.MVJDT-3 |
|
18:
|
"public" method without a '@post' contract: getAccount () |
DBC.PUBMPOST-3 |
|
18:
|
"public" method without a '@pre' contract: getAccount |
DBC.PUBMPRE-3 |
|
18:
|
The '@post'/'@return' tag(s) for the method 'getAccount' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
18:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
26:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
26:
|
The '@post'/'@return' tag(s) for the method 'getAccountsForCustomerId' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
26:
|
"public" method without a '@post' contract: getAccountsForCustomerId () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: getAccountsForCustomerId |
DBC.PUBMPRE-3 |
|
26:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
36:
|
"public" method without a '@post' contract: createAccount () |
DBC.PUBMPOST-3 |
|
36:
|
"public" method without a '@pre' contract: createAccount |
DBC.PUBMPRE-3 |
|
43:
|
"public" method without a '@post' contract: updateAccount () |
DBC.PUBMPOST-3 |
|
43:
|
"public" method without a '@pre' contract: updateAccount |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/AdminDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Missing Javadoc tag '@since' for interface 'AdminDao' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
The interface 'AdminDao' is never implemented |
GLOBAL.NIE-4 |
|
8:
|
Globally unused "public" interface: com.parasoft.parabank.dao.AdminDao |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: AdminDao |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
Missing '@version' Javadoc tag: AdminDao |
JAVADOC.MVJDT-3 |
|
14:
|
'@return ' doesn't match the return type of 'initializeDB' |
JAVADOC.DPMT-3 |
|
14:
|
This '@return' tag does not contain a meaningful description of the method's return value |
JAVADOC.MDJT-3 |
|
14:
|
'@return ' doesn't match the return type of 'initializeDB' |
OWASP2019.API9.DPMT-3 |
|
16:
|
Indentation should be 4 spaces |
APSC_DV.003215.IND-3 |
|
16:
|
Indentation should be 4 spaces |
FORMAT.IND-3 |
|
16:
|
"void" method has '@return' tag: 'initializeDB ()' |
JAVADOC.VMCR-3 |
|
16:
|
"void" method has '@return' tag: 'initializeDB ()' |
OWASP2019.API9.VMCR-3 |
|
16:
|
"public" method without a '@post' contract: initializeDB () |
DBC.PUBMPOST-3 |
|
16:
|
"public" method without a '@pre' contract: initializeDB |
DBC.PUBMPRE-3 |
|
23:
|
"public" method without a '@post' contract: cleanDB () |
DBC.PUBMPOST-3 |
|
23:
|
"public" method without a '@pre' contract: cleanDB |
DBC.PUBMPRE-3 |
|
31:
|
"public" method without a '@post' contract: getParameter () |
DBC.PUBMPOST-3 |
|
31:
|
"public" method without a '@pre' contract: getParameter |
DBC.PUBMPRE-3 |
|
31:
|
The '@post'/'@return' tag(s) for the method 'getParameter' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
39:
|
"public" method without a '@post' contract: setParameter () |
DBC.PUBMPOST-3 |
|
39:
|
"public" method without a '@pre' contract: setParameter |
DBC.PUBMPRE-3 |
|
46:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
46:
|
The '@post'/'@return' tag(s) for the method 'getParameters' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
46:
|
"public" method without a '@post' contract: getParameters () |
DBC.PUBMPOST-3 |
|
46:
|
"public" method without a '@pre' contract: getParameters |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/CustomerDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Missing Javadoc tag '@since' for interface 'CustomerDao' |
JAVADOC.ECTT-3 |
|
8:
|
The interface 'CustomerDao' is never implemented |
GLOBAL.NIE-4 |
|
8:
|
Globally unused "public" interface: com.parasoft.parabank.dao.CustomerDao |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: CustomerDao |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
Missing '@version' Javadoc tag: CustomerDao |
JAVADOC.MVJDT-3 |
|
16:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
16:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
16:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
16:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
26:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
26:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
29:
|
Misspelled word 'usernamd' |
JAVADOC.SPELL-3 |
|
35:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
35:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
35:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
45:
|
"public" method without a '@post' contract: createCustomer () |
DBC.PUBMPOST-3 |
|
45:
|
"public" method without a '@pre' contract: createCustomer |
DBC.PUBMPRE-3 |
|
52:
|
"public" method without a '@post' contract: updateCustomer () |
DBC.PUBMPOST-3 |
|
52:
|
"public" method without a '@pre' contract: updateCustomer |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/NewsDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
6:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.News |
CODSTA.ORG.ORIMP-5 |
|
8:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
8:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
11:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
11:
|
Missing Javadoc tag '@since' for interface 'NewsDao' |
JAVADOC.ECTT-3 |
|
11:
|
The interface 'NewsDao' is never implemented |
GLOBAL.NIE-4 |
|
11:
|
Missing '@author' Javadoc tag: NewsDao |
JAVADOC.MAJDT-4 |
|
11:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
11:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
11:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
11:
|
Missing '@version' Javadoc tag: NewsDao |
JAVADOC.MVJDT-3 |
|
18:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
18:
|
The '@post'/'@return' tag(s) for the method 'getNews' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
18:
|
"public" method without a '@post' contract: getNews () |
DBC.PUBMPOST-3 |
|
18:
|
"public" method without a '@pre' contract: getNews |
DBC.PUBMPRE-3 |
|
26:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
26:
|
The '@post'/'@return' tag(s) for the method 'getNewsForDate' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
26:
|
"public" method without a '@post' contract: getNewsForDate () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: getNewsForDate |
DBC.PUBMPRE-3 |
|
26:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
33:
|
The '@post'/'@return' tag(s) for the method 'getLatestNewsDate' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
33:
|
"public" method without a '@post' contract: getLatestNewsDate () |
DBC.PUBMPOST-3 |
|
33:
|
"public" method without a '@pre' contract: getLatestNewsDate |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/PositionDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
6:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.HistoryPoint |
CODSTA.ORG.ORIMP-5 |
|
9:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
9:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
9:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
12:
|
Missing Javadoc tag '@since' for interface 'PositionDao' |
JAVADOC.ECTT-3 |
|
12:
|
The interface 'PositionDao' is never implemented |
GLOBAL.NIE-4 |
|
12:
|
Globally unused "public" interface: com.parasoft.parabank.dao.PositionDao |
GLOBAL.UPPC-4 |
|
12:
|
Missing '@author' Javadoc tag: PositionDao |
JAVADOC.MAJDT-4 |
|
12:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
12:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
12:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
12:
|
Missing '@version' Javadoc tag: PositionDao |
JAVADOC.MVJDT-3 |
|
20:
|
"public" method without a '@post' contract: getPosition () |
DBC.PUBMPOST-3 |
|
20:
|
"public" method without a '@pre' contract: getPosition |
DBC.PUBMPRE-3 |
|
20:
|
The '@post'/'@return' tag(s) for the method 'getPosition' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
20:
|
Variable 'positionId' does not end with 'int' |
NAMING.UHN-4 |
|
28:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
28:
|
The '@post'/'@return' tag(s) for the method 'getPositionsForCustomerId' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
28:
|
"public" method without a '@post' contract: getPositionsForCustomerId () |
DBC.PUBMPOST-3 |
|
28:
|
"public" method without a '@pre' contract: getPositionsForCustomerId |
DBC.PUBMPRE-3 |
|
28:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
39:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
39:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
39:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
39:
|
The '@post'/'@return' tag(s) for the method 'getPositionHistory' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
39:
|
"public" method without a '@post' contract: getPositionHistory () |
DBC.PUBMPOST-3 |
|
39:
|
"public" method without a '@pre' contract: getPositionHistory |
DBC.PUBMPRE-3 |
|
39:
|
Variable 'positionId' does not end with 'int' |
NAMING.UHN-4 |
|
39:
|
Inspect usage of the 'Date' object 'startDate' |
SECURITY.BV.ADT-5 |
|
39:
|
Inspect usage of the 'Date' object 'endDate' |
SECURITY.BV.ADT-5 |
|
49:
|
"public" method without a '@post' contract: createPosition () |
DBC.PUBMPOST-3 |
|
49:
|
"public" method without a '@pre' contract: createPosition |
DBC.PUBMPRE-3 |
|
57:
|
"public" method without a '@post' contract: updatePosition () |
DBC.PUBMPOST-3 |
|
57:
|
"public" method without a '@pre' contract: updatePosition |
DBC.PUBMPRE-3 |
|
65:
|
"public" method without a '@post' contract: deletePosition () |
DBC.PUBMPOST-3 |
|
65:
|
"public" method without a '@pre' contract: deletePosition |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/TransactionDao.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.Transaction |
CODSTA.ORG.ORIMP-5 |
|
8:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
8:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
11:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
11:
|
Missing Javadoc tag '@since' for interface 'TransactionDao' |
JAVADOC.ECTT-3 |
|
11:
|
The interface 'TransactionDao' is never implemented |
GLOBAL.NIE-4 |
|
11:
|
Globally unused "public" interface: com.parasoft.parabank.dao.TransactionDao |
GLOBAL.UPPC-4 |
|
11:
|
Missing '@author' Javadoc tag: TransactionDao |
JAVADOC.MAJDT-4 |
|
11:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
11:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
11:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
11:
|
Missing '@version' Javadoc tag: TransactionDao |
JAVADOC.MVJDT-3 |
|
19:
|
"public" method without a '@post' contract: getTransaction () |
DBC.PUBMPOST-3 |
|
19:
|
"public" method without a '@pre' contract: getTransaction |
DBC.PUBMPRE-3 |
|
19:
|
The '@post'/'@return' tag(s) for the method 'getTransaction' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
19:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
27:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
27:
|
The '@post'/'@return' tag(s) for the method 'getTransactionsForAccount' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
27:
|
"public" method without a '@post' contract: getTransactionsForAccount () |
DBC.PUBMPOST-3 |
|
27:
|
"public" method without a '@pre' contract: getTransactionsForAccount |
DBC.PUBMPRE-3 |
|
27:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
33:
|
Comment line is longer than 80 characters: 85 |
APSC_DV.003215.LL-3 |
|
33:
|
Comment line is longer than 80 characters: 85 |
FORMAT.LL-3 |
|
36:
|
Line is longer than 80 characters: 93 |
APSC_DV.003215.LL-3 |
|
36:
|
Line is longer than 80 characters: 93 |
FORMAT.LL-3 |
|
36:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
36:
|
The '@post'/'@return' tag(s) for the method 'getTransactionsForAccount' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
36:
|
"public" method without a '@post' contract: getTransactionsForAccount () |
DBC.PUBMPOST-3 |
|
36:
|
"public" method without a '@pre' contract: getTransactionsForAccount |
DBC.PUBMPRE-3 |
|
36:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
46:
|
"public" method without a '@post' contract: createTransaction () |
DBC.PUBMPOST-3 |
|
46:
|
"public" method without a '@pre' contract: createTransaction |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/dao/internal/DynamicDataInserter.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
The interface 'DynamicDataInserter' is never implemented |
GLOBAL.NIE-4 |
|
6:
|
Globally unused "public" interface: com.parasoft.parabank.dao.internal.DynamicDataInserter |
GLOBAL.UPPC-4 |
|
6:
|
Missing '@author' Javadoc tag: DynamicDataInserter |
JAVADOC.MAJDT-4 |
|
6:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
6:
|
Missing '@version' Javadoc tag: DynamicDataInserter |
JAVADOC.MVJDT-3 |
|
8:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
11:
|
Method 'getDataCount' missing '@return' Javadoc tag |
JAVADOC.MRDC-3 |
|
11:
|
"public" method without a '@post' contract: getDataCount () |
DBC.PUBMPOST-3 |
|
11:
|
"public" method without a '@pre' contract: getDataCount |
DBC.PUBMPRE-3 |
|
13:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
16:
|
"public" method without a '@post' contract: insertData () |
DBC.PUBMPOST-3 |
|
16:
|
"public" method without a '@pre' contract: insertData |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/News.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.util.Util |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
News has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
10:
|
getter method without an @invariant contract: getId() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getDate() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getHeadline() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getStory() |
DBC.IGM-3 |
|
10:
|
Missing Javadoc tag '@since' for class 'News' |
JAVADOC.ECTT-3 |
|
10:
|
Public clone method missing |
OOP.MUCOP-3 |
|
10:
|
Static creation method missing |
OOP.MUCOP-3 |
|
10:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
10:
|
Missing '@author' Javadoc tag: News |
JAVADOC.MAJDT-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
Class 'com.parasoft.parabank.domain.News' should be declared "final" |
GLOBAL.SPPC-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
"public" class without an '@invariant' contract: News |
DBC.PUBC-3 |
|
10:
|
Missing '@version' Javadoc tag: News |
JAVADOC.MVJDT-3 |
|
10:
|
Number of Javadoc comments are below thresholds (%): 6.0 |
METRICS.PJDC-3 |
|
10:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
10:
|
interface type 'Comparable' is used |
MOBILE.AUI-3 |
|
11:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
No JUnit test method defined for 'News()' |
JUNIT.TEST-2 |
|
16:
|
Missing Javadoc comment for method 'News()' |
JAVADOC.PJDM-3 |
|
16:
|
Field 'date', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'story', declared on line 14, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'id', declared on line 11, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
16:
|
Field 'headline', declared on line 13, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
20:
|
No JUnit test method defined for 'News()' |
JUNIT.TEST-2 |
|
20:
|
Missing Javadoc comment for method 'News()' |
JAVADOC.PJDM-3 |
|
20:
|
Globally unused "public" constructor News() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
20:
|
Formal parameter 'date' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'date' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
20:
|
Formal parameter 'headline' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'headline' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'headline' has the same name as a field |
OOP.HMF-3 |
|
20:
|
Formal parameter 'story' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'story' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'story' has the same name as a field |
OOP.HMF-3 |
|
27:
|
No JUnit test method defined for 'getId()' |
JUNIT.TEST-2 |
|
27:
|
Globally unused "public" method: getId() |
GLOBAL.UPPM-4 |
|
27:
|
Getter method 'getId()' is not declared "final" |
OPT.MAF-5 |
|
31:
|
Setter method 'setId()' is not declared "final" |
OPT.MAF-5 |
|
31:
|
No JUnit test method defined for 'setId()' |
JUNIT.TEST-2 |
|
31:
|
Globally unused "public" method: setId() |
GLOBAL.UPPM-4 |
|
31:
|
Formal parameter 'id' is not declared as final |
CODSTA.BP.FPF-3 |
|
31:
|
The parameter 'id' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
31:
|
Parameter 'id' has the same name as a field |
OOP.HMF-3 |
|
31:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
35:
|
No JUnit test method defined for 'getDate()' |
JUNIT.TEST-2 |
|
35:
|
The method 'getDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
35:
|
Globally unused "public" method: getDate() |
GLOBAL.UPPM-4 |
|
35:
|
Getter method 'getDate()' is not declared "final" |
OPT.MAF-5 |
|
39:
|
Setter method 'setDate()' is not declared "final" |
OPT.MAF-5 |
|
39:
|
No JUnit test method defined for 'setDate()' |
JUNIT.TEST-2 |
|
39:
|
Globally unused "public" method: setDate() |
GLOBAL.UPPM-4 |
|
39:
|
Formal parameter 'date' is not declared as final |
CODSTA.BP.FPF-3 |
|
39:
|
The parameter 'date' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
39:
|
Parameter 'date' has the same name as a field |
OOP.HMF-3 |
|
39:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
43:
|
No JUnit test method defined for 'getHeadline()' |
JUNIT.TEST-2 |
|
43:
|
The method 'getHeadline' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
43:
|
Globally unused "public" method: getHeadline() |
GLOBAL.UPPM-4 |
|
43:
|
Getter method 'getHeadline()' is not declared "final" |
OPT.MAF-5 |
|
47:
|
Setter method 'setHeadline()' is not declared "final" |
OPT.MAF-5 |
|
47:
|
No JUnit test method defined for 'setHeadline()' |
JUNIT.TEST-2 |
|
47:
|
Globally unused "public" method: setHeadline() |
GLOBAL.UPPM-4 |
|
47:
|
Formal parameter 'headline' is not declared as final |
CODSTA.BP.FPF-3 |
|
47:
|
The parameter 'headline' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
47:
|
Parameter 'headline' has the same name as a field |
OOP.HMF-3 |
|
51:
|
No JUnit test method defined for 'getStory()' |
JUNIT.TEST-2 |
|
51:
|
The method 'getStory' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
51:
|
Globally unused "public" method: getStory() |
GLOBAL.UPPM-4 |
|
51:
|
Getter method 'getStory()' is not declared "final" |
OPT.MAF-5 |
|
55:
|
Setter method 'setStory()' is not declared "final" |
OPT.MAF-5 |
|
55:
|
No JUnit test method defined for 'setStory()' |
JUNIT.TEST-2 |
|
55:
|
Globally unused "public" method: setStory() |
GLOBAL.UPPM-4 |
|
55:
|
Formal parameter 'story' is not declared as final |
CODSTA.BP.FPF-3 |
|
55:
|
The parameter 'story' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
55:
|
Parameter 'story' has the same name as a field |
OOP.HMF-3 |
|
60:
|
No JUnit test method defined for 'hashCode()' |
JUNIT.TEST-2 |
|
60:
|
Missing Javadoc comment for method 'hashCode()' |
JAVADOC.PJDM-3 |
|
61:
|
Variable 'prime' does not end with 'int' |
NAMING.UHN-4 |
|
61:
|
The declaration of the local variable 'prime' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
62:
|
Variable 'result' does not end with 'int' |
NAMING.UHN-4 |
|
62:
|
The declaration of the local variable 'result' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
63:
|
A mutable field "id" is used in the "hashCode" method |
CERT.MET11.IKICO-3 |
|
63:
|
A mutable field "id" is used in the "hashCode" method |
PB.IKICO-3 |
|
71:
|
No JUnit test method defined for 'equals()' |
JUNIT.TEST-2 |
|
71:
|
Missing Javadoc comment for method 'equals()' |
JAVADOC.PJDM-3 |
|
71:
|
Formal parameter 'obj' is not declared as final |
CODSTA.BP.FPF-3 |
|
72:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
72:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
74:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
75:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
75:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
75:
|
"instanceof" operator not used on an "interface", type 'News' is not an interface |
OOP.INSOF-4 |
|
77:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
78:
|
Variable 'other' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
78:
|
The declaration of the local variable 'other' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
78:
|
There is not one single space after type cast |
APSC_DV.003215.CMS-3 |
|
78:
|
There is not one single space after type cast |
FORMAT.CMS-3 |
|
79:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
79:
|
A mutable field "id" is used in the "equals" method |
CERT.MET11.IKICO-3 |
|
79:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
79:
|
A mutable field "id" is used in the "equals" method |
PB.IKICO-3 |
|
80:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
80:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
81:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
81:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
82:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
82:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
86:
|
The method 'toString' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
86:
|
Missing Javadoc comment for method 'toString()' |
JAVADOC.PJDM-3 |
|
86:
|
Missing Javadoc for 'toString()' |
JAVADOC.TSMJT-3 |
|
86:
|
Missing Javadoc for 'toString()' |
OWASP2019.API9.TSMJT-5 |
|
87:
|
Concatenating strings |
CERT.STR00.COS-3 |
|
87:
|
Non internationalized string: "News [id=" |
INTER.ITT-3 |
|
87:
|
Concatenating strings |
INTER.COS-5 |
|
87:
|
The String literal "News [id=" is used |
SECURITY.WSC.SL-3 |
|
87:
|
Called 'toString()' implicitly on a numeric object |
INTER.NTS-4 |
|
87:
|
Non internationalized string: ", date=" |
INTER.ITT-3 |
|
87:
|
The String literal ", date=" is used |
SECURITY.WSC.SL-3 |
|
87:
|
Called 'toString()' implicitly on a 'Date' object |
INTER.DTS-4 |
|
87:
|
Non internationalized string: ", headline=" |
INTER.ITT-3 |
|
87:
|
The String literal ", headline=" is used |
SECURITY.WSC.SL-3 |
|
88:
|
The String literal ", story=" is used |
SECURITY.WSC.SL-3 |
|
88:
|
Non internationalized string: ", story=" |
INTER.ITT-3 |
|
88:
|
Single character ']' using double quotes in string concatenation |
OPT.STR-3 |
|
88:
|
The String literal "]" is used |
SECURITY.WSC.SL-3 |
|
92:
|
No JUnit test method defined for 'compareTo()' |
JUNIT.TEST-2 |
|
92:
|
Missing Javadoc comment for method 'compareTo()' |
JAVADOC.PJDM-3 |
|
92:
|
Formal parameter 'o' is not declared as final |
CODSTA.BP.FPF-3 |
|
92:
|
The length of the identifier "o" is less than the minimum length (2) |
NAMING.LLI-4 |
|
93:
|
A mutable field "date" is used in the "compareTo" method |
CERT.MET11.IKICO-3 |
|
93:
|
A mutable field "date" is used in the "compareTo" method |
PB.IKICO-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/TransactionCriteria.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.text.DateFormat" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.text.DateFormat" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
6:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
6:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
9:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
14:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
14:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
14:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
14:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
14:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
14:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
14:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
14:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
14:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
14:
|
getter method without an @invariant contract: getMonth() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getTransactionType() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getTransactionId() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getOnDate() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getFromDate() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getToDate() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getAmount() |
DBC.IGM-3 |
|
14:
|
getter method without an @invariant contract: getSearchType() |
DBC.IGM-3 |
|
14:
|
Missing Javadoc tag '@since' for class 'TransactionCriteria' |
JAVADOC.ECTT-3 |
|
14:
|
Public clone method missing |
OOP.MUCOP-3 |
|
14:
|
Static creation method missing |
OOP.MUCOP-3 |
|
14:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
14:
|
Missing '@author' Javadoc tag: TransactionCriteria |
JAVADOC.MAJDT-4 |
|
14:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
14:
|
Class 'com.parasoft.parabank.domain.TransactionCriteria' should be declared "final" |
GLOBAL.SPPC-5 |
|
14:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
14:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
14:
|
"class" missing a no argument constructor: TransactionCriteria |
CODSTA.POD.DCTOR-5 |
|
14:
|
"public" class without an '@invariant' contract: TransactionCriteria |
DBC.PUBC-3 |
|
14:
|
Missing '@version' Javadoc tag: TransactionCriteria |
JAVADOC.MVJDT-3 |
|
14:
|
Number of Javadoc comments are below thresholds (%): 4.0 |
METRICS.PJDC-3 |
|
14:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
15:
|
Use 1 blank line before every member enum declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every member enum declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
15:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
15:
|
Missing Javadoc comment for 'SearchType' |
JAVADOC.PJDC-3 |
|
15:
|
Enum 'com.parasoft.parabank.domain.TransactionCriteria.SearchType' should be declared "private" |
GLOBAL.DPPC-4 |
|
15:
|
'SearchType' is an expensive enum declaration |
MOBILE.ENUM-3 |
|
16:
|
Use 1 blank line before every enum constant declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every enum constant declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Enum constant not directly used: ACTIVITY |
GLOBAL.UEC-4 |
|
16:
|
Enum constant not directly used: ID |
GLOBAL.UEC-4 |
|
16:
|
Enum constant not directly used: DATE |
GLOBAL.UEC-4 |
|
16:
|
Enum constant not directly used: DATE_RANGE |
GLOBAL.UEC-4 |
|
16:
|
Enum constant not directly used: AMOUNT |
GLOBAL.UEC-4 |
|
20:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
20:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
20:
|
Field 'month' is not initialized in its declaration |
INIT.CSI-4 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
21:
|
Field 'transactionType' is not initialized in its declaration |
INIT.CSI-4 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
24:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
24:
|
Field 'transactionId' is not initialized in its declaration |
INIT.CSI-4 |
|
27:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
27:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
27:
|
Field 'onDate' is not initialized in its declaration |
INIT.CSI-4 |
|
27:
|
Inspect usage of the 'Date' object 'onDate' |
SECURITY.BV.ADT-5 |
|
30:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
30:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
30:
|
Field 'fromDate' is not initialized in its declaration |
INIT.CSI-4 |
|
30:
|
Inspect usage of the 'Date' object 'fromDate' |
SECURITY.BV.ADT-5 |
|
31:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
31:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
31:
|
Field 'toDate' is not initialized in its declaration |
INIT.CSI-4 |
|
31:
|
Inspect usage of the 'Date' object 'toDate' |
SECURITY.BV.ADT-5 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
34:
|
Field 'amount' is not initialized in its declaration |
INIT.CSI-4 |
|
36:
|
Field 'searchType' is not initialized in its declaration |
INIT.CSI-4 |
|
38:
|
Line is longer than 80 characters: 96 |
APSC_DV.003215.LL-3 |
|
38:
|
Line is longer than 80 characters: 96 |
FORMAT.LL-3 |
|
38:
|
Elements in 'TransactionCriteria' not ordered appropriately, first violation: field 'DATE_FORMATTER' at line 38 should be
placed before field 'month' at line 20 |
CODSTA.ORG.FO-3 |
|
38:
|
"static" "final" field 'DATE_FORMATTER' of 'ThreadLocal<DateFormat>' type is mutable |
CWE.582.IMM-3 |
|
38:
|
"static" "final" field 'DATE_FORMATTER' of 'ThreadLocal<DateFormat>' type is mutable |
CWE.607.IMM-3 |
|
38:
|
Missing Javadoc comment for 'DATE_FORMATTER' |
JAVADOC.PJDF-3 |
|
38:
|
"static" "final" field 'DATE_FORMATTER' of 'ThreadLocal<DateFormat>' type is mutable |
PB.CUB.IMM-3 |
|
38:
|
Constant 'DATE_FORMATTER' is not defined in an "interface" |
CODSTA.ORG.DCI-4 |
|
38:
|
Anonymous class: 'ThreadLocal' |
CODSTA.READ.AIC-3 |
|
40:
|
The method 'initialValue' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
41:
|
Instantiating 'SimpleDateFormat' object without a 'Locale' argument |
INTER.SDFL-3 |
|
41:
|
Non internationalized string: "MM-dd-yyyy" |
INTER.ITT-3 |
|
46:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
46:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
46:
|
No JUnit test method defined for 'getMonth()' |
JUNIT.TEST-2 |
|
46:
|
The method 'getMonth' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
46:
|
Globally unused "public" method: getMonth() |
GLOBAL.UPPM-4 |
|
46:
|
Getter method 'getMonth()' is not declared "final" |
OPT.MAF-5 |
|
50:
|
Setter method 'setMonth()' is not declared "final" |
OPT.MAF-5 |
|
50:
|
No JUnit test method defined for 'setMonth()' |
JUNIT.TEST-2 |
|
50:
|
Globally unused "public" method: setMonth() |
GLOBAL.UPPM-4 |
|
50:
|
Formal parameter 'month' is not declared as final |
CODSTA.BP.FPF-3 |
|
50:
|
The parameter 'month' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
50:
|
Parameter 'month' has the same name as a field |
OOP.HMF-3 |
|
54:
|
No JUnit test method defined for 'getTransactionType()' |
JUNIT.TEST-2 |
|
54:
|
The method 'getTransactionType' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
54:
|
Globally unused "public" method: getTransactionType() |
GLOBAL.UPPM-4 |
|
54:
|
Getter method 'getTransactionType()' is not declared "final" |
OPT.MAF-5 |
|
58:
|
Setter method 'setTransactionType()' is not declared "final" |
OPT.MAF-5 |
|
58:
|
No JUnit test method defined for 'setTransactionType()' |
JUNIT.TEST-2 |
|
58:
|
Globally unused "public" method: setTransactionType() |
GLOBAL.UPPM-4 |
|
58:
|
Formal parameter 'transactionType' is not declared as final |
CODSTA.BP.FPF-3 |
|
58:
|
The parameter 'transactionType' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
58:
|
Parameter 'transactionType' has the same name as a field |
OOP.HMF-3 |
|
62:
|
No JUnit test method defined for 'getTransactionId()' |
JUNIT.TEST-2 |
|
62:
|
The method 'getTransactionId' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
62:
|
Globally unused "public" method: getTransactionId() |
GLOBAL.UPPM-4 |
|
62:
|
Getter method 'getTransactionId()' is not declared "final" |
OPT.MAF-5 |
|
66:
|
Setter method 'setTransactionId()' is not declared "final" |
OPT.MAF-5 |
|
66:
|
No JUnit test method defined for 'setTransactionId()' |
JUNIT.TEST-2 |
|
66:
|
Globally unused "public" method: setTransactionId() |
GLOBAL.UPPM-4 |
|
66:
|
Formal parameter 'transactionId' is not declared as final |
CODSTA.BP.FPF-3 |
|
66:
|
The parameter 'transactionId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
66:
|
Parameter 'transactionId' has the same name as a field |
OOP.HMF-3 |
|
70:
|
No JUnit test method defined for 'getOnDate()' |
JUNIT.TEST-2 |
|
70:
|
The method 'getOnDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
70:
|
Globally unused "public" method: getOnDate() |
GLOBAL.UPPM-4 |
|
70:
|
Getter method 'getOnDate()' is not declared "final" |
OPT.MAF-5 |
|
74:
|
Setter method 'setOnDate()' is not declared "final" |
OPT.MAF-5 |
|
74:
|
No JUnit test method defined for 'setOnDate()' |
JUNIT.TEST-2 |
|
74:
|
Globally unused "public" method: setOnDate() |
GLOBAL.UPPM-4 |
|
74:
|
Formal parameter 'onDate' is not declared as final |
CODSTA.BP.FPF-3 |
|
74:
|
The parameter 'onDate' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
74:
|
Parameter 'onDate' has the same name as a field |
OOP.HMF-3 |
|
74:
|
Inspect usage of the 'Date' object 'onDate' |
SECURITY.BV.ADT-5 |
|
78:
|
No JUnit test method defined for 'getFromDate()' |
JUNIT.TEST-2 |
|
78:
|
The method 'getFromDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
78:
|
Globally unused "public" method: getFromDate() |
GLOBAL.UPPM-4 |
|
78:
|
Getter method 'getFromDate()' is not declared "final" |
OPT.MAF-5 |
|
82:
|
Setter method 'setFromDate()' is not declared "final" |
OPT.MAF-5 |
|
82:
|
No JUnit test method defined for 'setFromDate()' |
JUNIT.TEST-2 |
|
82:
|
Globally unused "public" method: setFromDate() |
GLOBAL.UPPM-4 |
|
82:
|
Formal parameter 'fromDate' is not declared as final |
CODSTA.BP.FPF-3 |
|
82:
|
The parameter 'fromDate' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
82:
|
Parameter 'fromDate' has the same name as a field |
OOP.HMF-3 |
|
82:
|
Inspect usage of the 'Date' object 'fromDate' |
SECURITY.BV.ADT-5 |
|
86:
|
No JUnit test method defined for 'getToDate()' |
JUNIT.TEST-2 |
|
86:
|
The method 'getToDate' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
86:
|
Globally unused "public" method: getToDate() |
GLOBAL.UPPM-4 |
|
86:
|
Getter method 'getToDate()' is not declared "final" |
OPT.MAF-5 |
|
90:
|
Setter method 'setToDate()' is not declared "final" |
OPT.MAF-5 |
|
90:
|
No JUnit test method defined for 'setToDate()' |
JUNIT.TEST-2 |
|
90:
|
Globally unused "public" method: setToDate() |
GLOBAL.UPPM-4 |
|
90:
|
Formal parameter 'toDate' is not declared as final |
CODSTA.BP.FPF-3 |
|
90:
|
The parameter 'toDate' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
90:
|
Parameter 'toDate' has the same name as a field |
OOP.HMF-3 |
|
90:
|
Inspect usage of the 'Date' object 'toDate' |
SECURITY.BV.ADT-5 |
|
94:
|
No JUnit test method defined for 'getAmount()' |
JUNIT.TEST-2 |
|
94:
|
The method 'getAmount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
94:
|
Globally unused "public" method: getAmount() |
GLOBAL.UPPM-4 |
|
94:
|
Getter method 'getAmount()' is not declared "final" |
OPT.MAF-5 |
|
98:
|
Setter method 'setAmount()' is not declared "final" |
OPT.MAF-5 |
|
98:
|
No JUnit test method defined for 'setAmount()' |
JUNIT.TEST-2 |
|
98:
|
Globally unused "public" method: setAmount() |
GLOBAL.UPPM-4 |
|
98:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
98:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
98:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
102:
|
No JUnit test method defined for 'getSearchType()' |
JUNIT.TEST-2 |
|
102:
|
The method 'getSearchType' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
102:
|
Globally unused "public" method: getSearchType() |
GLOBAL.UPPM-4 |
|
102:
|
Getter method 'getSearchType()' is not declared "final" |
OPT.MAF-5 |
|
106:
|
Setter method 'setSearchType()' is not declared "final" |
OPT.MAF-5 |
|
106:
|
No JUnit test method defined for 'setSearchType()' |
JUNIT.TEST-2 |
|
106:
|
Globally unused "public" method: setSearchType() |
GLOBAL.UPPM-4 |
|
106:
|
Formal parameter 'searchType' is not declared as final |
CODSTA.BP.FPF-3 |
|
106:
|
The parameter 'searchType' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
106:
|
Parameter 'searchType' has the same name as a field |
OOP.HMF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/AdminParameters.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
4:
|
Misspelled word 'configurable' |
JAVADOC.SPELL-3 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
Interface 'AdminParameters' contains only fields |
CODSTA.POD.ACIAP-3 |
|
6:
|
Missing Javadoc tag '@since' for interface 'AdminParameters' |
JAVADOC.ECTT-3 |
|
6:
|
Constant declared in an "interface": 'AdminParameters' |
CODSTA.POD.ISACF-4 |
|
6:
|
Missing '@author' Javadoc tag: AdminParameters |
JAVADOC.MAJDT-4 |
|
6:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
6:
|
Missing '@version' Javadoc tag: AdminParameters |
JAVADOC.MVJDT-3 |
|
6:
|
Number of Javadoc comments are below thresholds (%): 10.0 |
METRICS.PJDC-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Missing Javadoc comment for 'ENDPOINT' |
JAVADOC.PJDF-3 |
|
7:
|
Non internationalized string: "endpoint" |
INTER.ITT-3 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Missing Javadoc comment for 'SOAP_ENDPOINT' |
JAVADOC.PJDF-3 |
|
8:
|
Non internationalized string: "soap_endpoint" |
INTER.ITT-3 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Missing Javadoc comment for 'REST_ENDPOINT' |
JAVADOC.PJDF-3 |
|
9:
|
Non internationalized string: "rest_endpoint" |
INTER.ITT-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Missing Javadoc comment for 'INITIAL_BALANCE' |
JAVADOC.PJDF-3 |
|
10:
|
Non internationalized string: "initialBalance" |
INTER.ITT-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Missing Javadoc comment for 'MINIMUM_BALANCE' |
JAVADOC.PJDF-3 |
|
11:
|
Non internationalized string: "minimumBalance" |
INTER.ITT-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Missing Javadoc comment for 'LOAN_PROVIDER' |
JAVADOC.PJDF-3 |
|
12:
|
Non internationalized string: "loanProvider" |
INTER.ITT-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Missing Javadoc comment for 'LOAN_PROCESSOR' |
JAVADOC.PJDF-3 |
|
13:
|
Non internationalized string: "loanProcessor" |
INTER.ITT-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Missing Javadoc comment for 'LOAN_PROCESSOR_THRESHOLD' |
JAVADOC.PJDF-3 |
|
14:
|
Non internationalized string: "loanProcessorThreshold" |
INTER.ITT-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Missing Javadoc comment for 'ACCESSMODE' |
JAVADOC.PJDF-3 |
|
15:
|
Non internationalized string: "accessmode" |
INTER.ITT-3 |
|
15:
|
Misspelled word 'accessmode' |
JAVADOC.SPELL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/BankManager.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.util.Date" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
7:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.Account |
CODSTA.ORG.ORIMP-5 |
|
15:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
15:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
15:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
18:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
18:
|
Missing Javadoc tag '@since' for interface 'BankManager' |
JAVADOC.ECTT-3 |
|
18:
|
The interface 'BankManager' is never implemented |
GLOBAL.NIE-4 |
|
18:
|
Missing '@author' Javadoc tag: BankManager |
JAVADOC.MAJDT-4 |
|
18:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
18:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
18:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
18:
|
Missing '@version' Javadoc tag: BankManager |
JAVADOC.MVJDT-3 |
|
18:
|
BankManager contains too many "public" methods: 23 |
METRICS.NPUBM-2 |
|
26:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
26:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
26:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
36:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
36:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
36:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
45:
|
"public" method without a '@post' contract: getCustomer () |
DBC.PUBMPOST-3 |
|
45:
|
"public" method without a '@pre' contract: getCustomer |
DBC.PUBMPRE-3 |
|
45:
|
The '@post'/'@return' tag(s) for the method 'getCustomer' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
55:
|
"public" method without a '@post' contract: createCustomer () |
DBC.PUBMPOST-3 |
|
55:
|
"public" method without a '@pre' contract: createCustomer |
DBC.PUBMPRE-3 |
|
62:
|
"public" method without a '@post' contract: updateCustomer () |
DBC.PUBMPOST-3 |
|
62:
|
"public" method without a '@pre' contract: updateCustomer |
DBC.PUBMPRE-3 |
|
77:
|
Line is longer than 80 characters: 128 |
APSC_DV.003215.LL-3 |
|
77:
|
Line is longer than 80 characters: 128 |
FORMAT.LL-3 |
|
77:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
77:
|
The '@post'/'@return' tag(s) for the method 'buyPosition' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
77:
|
"public" method without a '@post' contract: buyPosition () |
DBC.PUBMPOST-3 |
|
77:
|
"public" method without a '@pre' contract: buyPosition |
DBC.PUBMPRE-3 |
|
77:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
77:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
77:
|
Variable 'shares' does not end with 'int' |
NAMING.UHN-4 |
|
89:
|
Line is longer than 80 characters: 117 |
APSC_DV.003215.LL-3 |
|
89:
|
Line is longer than 80 characters: 117 |
FORMAT.LL-3 |
|
89:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
89:
|
The '@post'/'@return' tag(s) for the method 'sellPosition' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
89:
|
"public" method without a '@post' contract: sellPosition () |
DBC.PUBMPOST-3 |
|
89:
|
"public" method without a '@pre' contract: sellPosition |
DBC.PUBMPRE-3 |
|
89:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
89:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
89:
|
Variable 'positionId' does not end with 'int' |
NAMING.UHN-4 |
|
89:
|
Variable 'shares' does not end with 'int' |
NAMING.UHN-4 |
|
97:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
97:
|
The '@post'/'@return' tag(s) for the method 'getPositionsForCustomer' do not properly describe whether or not the method can
return null |
JAVADOC.CRN-3 |
|
97:
|
"public" method without a '@post' contract: getPositionsForCustomer () |
DBC.PUBMPOST-3 |
|
97:
|
"public" method without a '@pre' contract: getPositionsForCustomer |
DBC.PUBMPRE-3 |
|
105:
|
"public" method without a '@post' contract: getPosition () |
DBC.PUBMPOST-3 |
|
105:
|
"public" method without a '@pre' contract: getPosition |
DBC.PUBMPRE-3 |
|
105:
|
The '@post'/'@return' tag(s) for the method 'getPosition' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
105:
|
Variable 'positionId' does not end with 'int' |
NAMING.UHN-4 |
|
116:
|
Line is longer than 80 characters: 88 |
APSC_DV.003215.LL-3 |
|
116:
|
Line is longer than 80 characters: 88 |
FORMAT.LL-3 |
|
116:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
116:
|
The '@post'/'@return' tag(s) for the method 'getPositionHistory' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
116:
|
"public" method without a '@post' contract: getPositionHistory () |
DBC.PUBMPOST-3 |
|
116:
|
"public" method without a '@pre' contract: getPositionHistory |
DBC.PUBMPRE-3 |
|
116:
|
Variable 'positionId' does not end with 'int' |
NAMING.UHN-4 |
|
116:
|
Inspect usage of the 'Date' object 'startDate' |
SECURITY.BV.ADT-5 |
|
116:
|
Inspect usage of the 'Date' object 'endDate' |
SECURITY.BV.ADT-5 |
|
128:
|
Line is longer than 80 characters: 110 |
APSC_DV.003215.LL-3 |
|
128:
|
Line is longer than 80 characters: 110 |
FORMAT.LL-3 |
|
128:
|
The '@post'/'@return' tag(s) for the method 'createPosition' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
128:
|
"public" method without a '@post' contract: createPosition () |
DBC.PUBMPOST-3 |
|
128:
|
"public" method without a '@pre' contract: createPosition |
DBC.PUBMPRE-3 |
|
128:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
128:
|
Variable 'shares' does not end with 'int' |
NAMING.UHN-4 |
|
136:
|
"public" method without a '@post' contract: updatePosition () |
DBC.PUBMPOST-3 |
|
136:
|
"public" method without a '@pre' contract: updatePosition |
DBC.PUBMPRE-3 |
|
144:
|
"public" method without a '@post' contract: deletePosition () |
DBC.PUBMPOST-3 |
|
144:
|
"public" method without a '@pre' contract: deletePosition |
DBC.PUBMPRE-3 |
|
152:
|
"public" method without a '@post' contract: getAccount () |
DBC.PUBMPOST-3 |
|
152:
|
"public" method without a '@pre' contract: getAccount |
DBC.PUBMPRE-3 |
|
152:
|
The '@post'/'@return' tag(s) for the method 'getAccount' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
152:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
160:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
160:
|
The '@post'/'@return' tag(s) for the method 'getAccountsForCustomer' do not properly describe whether or not the method can
return null |
JAVADOC.CRN-3 |
|
160:
|
"public" method without a '@post' contract: getAccountsForCustomer () |
DBC.PUBMPOST-3 |
|
160:
|
"public" method without a '@pre' contract: getAccountsForCustomer |
DBC.PUBMPRE-3 |
|
171:
|
"public" method without a '@post' contract: createAccount () |
DBC.PUBMPOST-3 |
|
171:
|
"public" method without a '@pre' contract: createAccount |
DBC.PUBMPRE-3 |
|
171:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
179:
|
The '@post'/'@return' tag(s) for the method 'getTransaction' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
179:
|
"public" method without a '@post' contract: getTransaction () |
DBC.PUBMPOST-3 |
|
179:
|
"public" method without a '@pre' contract: getTransaction |
DBC.PUBMPRE-3 |
|
179:
|
Variable 'id' does not end with 'int' |
NAMING.UHN-4 |
|
184:
|
'@param accountId' doesn't match any parameter in 'getTransactionsForAccount' |
JAVADOC.DPMT-3 |
|
184:
|
'@param accountId' doesn't match any parameter in 'getTransactionsForAccount' |
OWASP2019.API9.DPMT-3 |
|
187:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
187:
|
The '@post'/'@return' tag(s) for the method 'getTransactionsForAccount' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
187:
|
Method 'getTransactionsForAccount' is missing '@param account' in Javadoc comment |
JAVADOC.PARAM-3 |
|
187:
|
"public" method without a '@post' contract: getTransactionsForAccount () |
DBC.PUBMPOST-3 |
|
187:
|
"public" method without a '@pre' contract: getTransactionsForAccount |
DBC.PUBMPRE-3 |
|
193:
|
Comment line is longer than 80 characters: 85 |
APSC_DV.003215.LL-3 |
|
193:
|
Comment line is longer than 80 characters: 85 |
FORMAT.LL-3 |
|
196:
|
Line is longer than 80 characters: 93 |
APSC_DV.003215.LL-3 |
|
196:
|
Line is longer than 80 characters: 93 |
FORMAT.LL-3 |
|
196:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
196:
|
The '@post'/'@return' tag(s) for the method 'getTransactionsForAccount' do not properly describe whether or not the method
can return null |
JAVADOC.CRN-3 |
|
196:
|
"public" method without a '@post' contract: getTransactionsForAccount () |
DBC.PUBMPOST-3 |
|
196:
|
"public" method without a '@pre' contract: getTransactionsForAccount |
DBC.PUBMPRE-3 |
|
196:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
205:
|
"public" method without a '@post' contract: transfer () |
DBC.PUBMPOST-3 |
|
205:
|
"public" method without a '@pre' contract: transfer |
DBC.PUBMPRE-3 |
|
205:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
205:
|
Variable 'toAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
214:
|
The method 'deposit' should include an '@post' or '@return' tag describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
214:
|
Method 'deposit' missing '@return' Javadoc tag |
JAVADOC.MRDC-3 |
|
214:
|
"public" method without a '@post' contract: deposit () |
DBC.PUBMPOST-3 |
|
214:
|
"public" method without a '@pre' contract: deposit |
DBC.PUBMPRE-3 |
|
214:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
223:
|
"public" method without a '@post' contract: withdraw () |
DBC.PUBMPOST-3 |
|
223:
|
"public" method without a '@pre' contract: withdraw |
DBC.PUBMPRE-3 |
|
223:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
234:
|
The '@post'/'@return' tag(s) for the method 'requestLoan' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
234:
|
"public" method without a '@post' contract: requestLoan () |
DBC.PUBMPOST-3 |
|
234:
|
"public" method without a '@pre' contract: requestLoan |
DBC.PUBMPRE-3 |
|
234:
|
Variable 'customerId' does not end with 'int' |
NAMING.UHN-4 |
|
235:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
235:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
235:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/LoanProvider.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
6:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
6:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
6:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
9:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
9:
|
Missing Javadoc tag '@since' for interface 'LoanProvider' |
JAVADOC.ECTT-3 |
|
9:
|
Missing '@author' Javadoc tag: LoanProvider |
JAVADOC.MAJDT-4 |
|
9:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
9:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
9:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
9:
|
Missing '@version' Javadoc tag: LoanProvider |
JAVADOC.MVJDT-3 |
|
16:
|
"public" method without a '@post' contract: requestLoan () |
DBC.PUBMPOST-3 |
|
16:
|
"public" method without a '@pre' contract: requestLoan |
DBC.PUBMPRE-3 |
|
16:
|
The '@post'/'@return' tag(s) for the method 'requestLoan' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/NewsManager.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
7:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.News |
CODSTA.ORG.ORIMP-5 |
|
9:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
9:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
9:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
12:
|
Missing Javadoc tag '@since' for interface 'NewsManager' |
JAVADOC.ECTT-3 |
|
12:
|
Missing '@author' Javadoc tag: NewsManager |
JAVADOC.MAJDT-4 |
|
12:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
12:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
12:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
12:
|
Missing '@version' Javadoc tag: NewsManager |
JAVADOC.MVJDT-3 |
|
19:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
19:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
19:
|
The '@post'/'@return' tag(s) for the method 'getLatestNews' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
19:
|
"public" method without a '@post' contract: getLatestNews () |
DBC.PUBMPOST-3 |
|
19:
|
"public" method without a '@pre' contract: getLatestNews |
DBC.PUBMPRE-3 |
|
26:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
26:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
26:
|
The '@post'/'@return' tag(s) for the method 'getNews' do not properly describe whether or not the method can return null |
JAVADOC.CRN-3 |
|
26:
|
"public" method without a '@post' contract: getNews () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: getNews |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/impl/AbstractLoanProcessor.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.AdminManager" not separated by 1 blank line from previous "import" from a different
package |
APSC_DV.003215.BLSIM-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.AdminManager" not separated by 1 blank line from previous "import" from a different
package |
FORMAT.BLSIM-3 |
|
7:
|
"import com.parasoft.parabank.domain.util.LoanResponseBuilder" not separated by 1 blank line from previous "import" from a
different package |
APSC_DV.003215.BLSIM-3 |
|
7:
|
"import com.parasoft.parabank.domain.util.LoanResponseBuilder" not separated by 1 blank line from previous "import" from a
different package |
FORMAT.BLSIM-3 |
|
9:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
9:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
9:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
12:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
12:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Missing Javadoc tag '@since' for class 'AbstractLoanProcessor' |
JAVADOC.ECTT-3 |
|
12:
|
Public clone method missing |
OOP.MUCOP-3 |
|
12:
|
Static creation method missing |
OOP.MUCOP-3 |
|
12:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
12:
|
Class 'com.parasoft.parabank.domain.logic.impl.AbstractLoanProcessor' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
12:
|
Missing '@author' Javadoc tag: AbstractLoanProcessor |
JAVADOC.MAJDT-4 |
|
12:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
12:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
12:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
12:
|
"public" class without an '@invariant' contract: AbstractLoanProcessor |
DBC.PUBC-3 |
|
12:
|
Missing '@version' Javadoc tag: AbstractLoanProcessor |
JAVADOC.MVJDT-3 |
|
12:
|
Number of Javadoc comments are below thresholds (%): 15.0 |
METRICS.PJDC-3 |
|
12:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
12:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
13:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
interface type 'AdminManager' is used |
MOBILE.AUI-3 |
|
13:
|
Missing 'getAdminManager()' method for field 'adminManager' |
BEAN.NFM-4 |
|
15:
|
No JUnit test method defined for 'setAdminManager()' |
JUNIT.TEST-2 |
|
15:
|
Globally unused "public" method: setAdminManager() |
GLOBAL.UPPM-4 |
|
15:
|
Setter method 'setAdminManager()' is not declared "final" |
OPT.MAF-5 |
|
15:
|
interface type 'AdminManager' is used |
MOBILE.AUI-3 |
|
15:
|
Formal parameter 'adminManager' is not declared as final |
CODSTA.BP.FPF-3 |
|
15:
|
The parameter 'adminManager' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
15:
|
Parameter 'adminManager' has the same name as a field |
OOP.HMF-3 |
|
20:
|
No JUnit test method defined for 'requestLoan()' |
JUNIT.TEST-2 |
|
20:
|
Elements in 'AbstractLoanProcessor' not ordered appropriately, first violation: method 'requestLoan' at line 19 should be
placed before method 'setAdminManager' at line 15 |
CODSTA.ORG.FO-3 |
|
20:
|
The method 'requestLoan' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
20:
|
Missing Javadoc comment for method 'requestLoan()' |
JAVADOC.PJDM-3 |
|
20:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
21:
|
The declaration of the local variable 'builder' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
21:
|
The return value of 'accountId()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
22:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
25:
|
Line is longer than 80 characters: 90 |
APSC_DV.003215.LL-3 |
|
25:
|
Line is longer than 80 characters: 90 |
FORMAT.LL-3 |
|
25:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
25:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
27:
|
Non internationalized string: "error.insufficient.funds.for.down.payment" |
INTER.ITT-3 |
|
27:
|
The String literal "error.insufficient.funds.for.down.payment" is used |
SECURITY.WSC.SL-3 |
|
29:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
31:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
31:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
34:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
|
39:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
41:
|
The method 'getErrorMessage' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
44:
|
The declaration of the local variable 'threshold' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
44:
|
Non internationalized string: "loanProcessorThreshold" |
INTER.ITT-3 |
|
44:
|
The String literal "loanProcessorThreshold" is used |
SECURITY.WSC.SL-3 |
|
45:
|
Potentially expensive float operation committed |
MOBILE.FLOATER-3 |
|
45:
|
Called the 'parseInt()' method of class 'Integer' |
INTER.PN-4 |
|
45:
|
The method 'parseInt()' may throw a "NumberFormatException" that is neither caught nor declared to be thrown |
EXCEPT.NFE-3 |
|
45:
|
Literal constant is used: 100.0 |
CODSTA.READ.USN-2 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/impl/AvailableFundsLoanProcessor.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.LoanRequest |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Missing Javadoc tag '@since' for class 'AvailableFundsLoanProcessor' |
JAVADOC.ECTT-3 |
|
10:
|
Globally unused "public" class: com.parasoft.parabank.domain.logic.impl.AvailableFundsLoanProcessor |
GLOBAL.UPPC-4 |
|
10:
|
Missing '@author' Javadoc tag: AvailableFundsLoanProcessor |
JAVADOC.MAJDT-4 |
|
10:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
"class" missing a no argument constructor: AvailableFundsLoanProcessor |
CODSTA.POD.DCTOR-5 |
|
10:
|
"public" class without an '@invariant' contract: AvailableFundsLoanProcessor |
DBC.PUBC-3 |
|
10:
|
Missing '@version' Javadoc tag: AvailableFundsLoanProcessor |
JAVADOC.MVJDT-3 |
|
10:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
No JUnit test method defined for 'getQualifier()' |
JUNIT.TEST-2 |
|
12:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
14:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
18:
|
No JUnit test method defined for 'getErrorMessage()' |
JUNIT.TEST-2 |
|
18:
|
The method 'getErrorMessage' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
19:
|
Non internationalized string: "error.insufficient.funds" |
INTER.ITT-3 |
|
19:
|
The String literal "error.insufficient.funds" is used |
SECURITY.WSC.SL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/impl/CombinedLoanProcessor.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.LoanRequest |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Missing Javadoc tag '@since' for class 'CombinedLoanProcessor' |
JAVADOC.ECTT-3 |
|
10:
|
Globally unused "public" class: com.parasoft.parabank.domain.logic.impl.CombinedLoanProcessor |
GLOBAL.UPPC-4 |
|
10:
|
Missing '@author' Javadoc tag: CombinedLoanProcessor |
JAVADOC.MAJDT-4 |
|
10:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
"class" missing a no argument constructor: CombinedLoanProcessor |
CODSTA.POD.DCTOR-5 |
|
10:
|
"public" class without an '@invariant' contract: CombinedLoanProcessor |
DBC.PUBC-3 |
|
10:
|
Missing '@version' Javadoc tag: CombinedLoanProcessor |
JAVADOC.MVJDT-3 |
|
10:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
No JUnit test method defined for 'getQualifier()' |
JUNIT.TEST-2 |
|
12:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
Line is longer than 80 characters: 85 |
APSC_DV.003215.LL-3 |
|
14:
|
Line is longer than 80 characters: 85 |
FORMAT.LL-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
18:
|
No JUnit test method defined for 'getErrorMessage()' |
JUNIT.TEST-2 |
|
18:
|
The method 'getErrorMessage' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
19:
|
Non internationalized string: "error.insufficient.funds.and.down.payment" |
INTER.ITT-3 |
|
19:
|
The String literal "error.insufficient.funds.and.down.payment" is used |
SECURITY.WSC.SL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/impl/DownPaymentLoanProcessor.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.LoanRequest |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Missing Javadoc tag '@since' for class 'DownPaymentLoanProcessor' |
JAVADOC.ECTT-3 |
|
10:
|
Globally unused "public" class: com.parasoft.parabank.domain.logic.impl.DownPaymentLoanProcessor |
GLOBAL.UPPC-4 |
|
10:
|
Missing '@author' Javadoc tag: DownPaymentLoanProcessor |
JAVADOC.MAJDT-4 |
|
10:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
"class" missing a no argument constructor: DownPaymentLoanProcessor |
CODSTA.POD.DCTOR-5 |
|
10:
|
"public" class without an '@invariant' contract: DownPaymentLoanProcessor |
DBC.PUBC-3 |
|
10:
|
Missing '@version' Javadoc tag: DownPaymentLoanProcessor |
JAVADOC.MVJDT-3 |
|
10:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
No JUnit test method defined for 'getQualifier()' |
JUNIT.TEST-2 |
|
12:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
14:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
14:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
APSC_DV.003215.IND-3 |
|
14:
|
Indentation should be 12 (or 20) spaces |
FORMAT.IND-3 |
|
18:
|
No JUnit test method defined for 'getErrorMessage()' |
JUNIT.TEST-2 |
|
18:
|
The method 'getErrorMessage' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
19:
|
Non internationalized string: "error.insufficient.down.payment" |
INTER.ITT-3 |
|
19:
|
The String literal "error.insufficient.down.payment" is used |
SECURITY.WSC.SL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/logic/impl/NewsManagerImpl.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
7:
|
"import" not presented in alphabetical order: com.parasoft.parabank.dao.NewsDao |
CODSTA.ORG.ORIMP-5 |
|
8:
|
"import com.parasoft.parabank.domain.News" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
8:
|
"import com.parasoft.parabank.domain.News" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
9:
|
"import com.parasoft.parabank.domain.logic.NewsManager" not separated by 1 blank line from previous "import" from a different
package |
APSC_DV.003215.BLSIM-3 |
|
9:
|
"import com.parasoft.parabank.domain.logic.NewsManager" not separated by 1 blank line from previous "import" from a different
package |
FORMAT.BLSIM-3 |
|
10:
|
"import com.parasoft.parabank.domain.util.NewsUtil" not separated by 1 blank line from previous "import" from a different
package |
APSC_DV.003215.BLSIM-3 |
|
10:
|
"import com.parasoft.parabank.domain.util.NewsUtil" not separated by 1 blank line from previous "import" from a different
package |
FORMAT.BLSIM-3 |
|
12:
|
The file header should be placed before the "package" statement |
CODSTA.ORG.ORCU-3 |
|
15:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
15:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
15:
|
Use 1 blank line before every top-level class (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
15:
|
Missing Javadoc comment for 'NewsManagerImpl' |
JAVADOC.PJDC-3 |
|
15:
|
Globally unused "public" class: com.parasoft.parabank.domain.logic.impl.NewsManagerImpl |
GLOBAL.UPPC-4 |
|
15:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
15:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
15:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
15:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
15:
|
"class" missing a no argument constructor: NewsManagerImpl |
CODSTA.POD.DCTOR-5 |
|
15:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
15:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
15:
|
interface type 'NewsManager' is used |
MOBILE.AUI-3 |
|
17:
|
interface type 'NewsDao' is used |
MOBILE.AUI-3 |
|
19:
|
No JUnit test method defined for 'NewsManagerImpl()' |
JUNIT.TEST-2 |
|
19:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
19:
|
Missing Javadoc comment for method 'NewsManagerImpl()' |
JAVADOC.PJDM-3 |
|
19:
|
Globally unused "public" constructor NewsManagerImpl() |
GLOBAL.UPPM-4 |
|
19:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
19:
|
interface type 'NewsDao' is used |
MOBILE.AUI-3 |
|
19:
|
The parameter 'newsDao' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
19:
|
Parameter 'newsDao' has the same name as a field |
OOP.HMF-3 |
|
28:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
28:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
29:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
29:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
29:
|
No JUnit test method defined for 'getLatestNews()' |
JUNIT.TEST-2 |
|
29:
|
The method 'getLatestNews' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
29:
|
Missing Javadoc comment for method 'getLatestNews()' |
JAVADOC.PJDM-3 |
|
30:
|
The declaration of the local variable 'date' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
30:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
39:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
39:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
40:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
40:
|
interface type 'List' is used |
MOBILE.AUI-3 |
|
40:
|
No JUnit test method defined for 'getNews()' |
JUNIT.TEST-2 |
|
40:
|
The method 'getNews' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
40:
|
Missing Javadoc comment for method 'getNews()' |
JAVADOC.PJDM-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/util/LoanRequestFactory.java |
|
9:
|
Use 0 blank lines before the package statements |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 0 blank lines before the package statements |
FORMAT.U2BL-3 |
|
13:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.LoanRequest |
CODSTA.ORG.ORIMP-5 |
|
15:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
15:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
15:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
15:
|
Utility class 'LoanRequestFactory' does not have a "private" constructor |
GLOBAL.UCC-2 |
|
15:
|
Missing Javadoc comment for 'LoanRequestFactory' |
JAVADOC.PJDC-3 |
|
15:
|
Name of utility class 'LoanRequestFactory' does not match user-specified regular expression '(Util$)|(Utility$)|(Utilities$)' |
NAMING.UTIL-3 |
|
15:
|
Globally unused "public" class: com.parasoft.parabank.domain.util.LoanRequestFactory |
GLOBAL.UPPC-4 |
|
15:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
15:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
15:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
15:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
15:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
15:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
16:
|
Opening brace '{' is not on the same line as the type declaration |
APSC_DV.003215.FCB-3 |
|
16:
|
Opening brace '{' is not on the same line as the type declaration |
FORMAT.FCB-3 |
|
17:
|
Line is longer than 80 characters: 98 |
APSC_DV.003215.LL-3 |
|
17:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
17:
|
Line is longer than 80 characters: 98 |
FORMAT.LL-3 |
|
17:
|
Use 1 blank line before every method declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
17:
|
No JUnit test method defined for 'create()' |
JUNIT.TEST-2 |
|
17:
|
The method 'create' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
17:
|
Missing Javadoc comment for method 'create()' |
JAVADOC.PJDM-3 |
|
17:
|
Method 'create' could use a return parameter instead of returning a new 'LoanRequest' object |
MOBILE.J2ME.EURP-3 |
|
17:
|
Globally unused "public" method: create() |
GLOBAL.UPPM-4 |
|
17:
|
Formal parameter 'availableFunds' is not declared as final |
CODSTA.BP.FPF-3 |
|
17:
|
Variable 'availableFunds' does not end with 'double' |
NAMING.UHN-4 |
|
17:
|
Formal parameter 'downPayment' is not declared as final |
CODSTA.BP.FPF-3 |
|
17:
|
Variable 'downPayment' does not end with 'double' |
NAMING.UHN-4 |
|
17:
|
Formal parameter 'loanAmount' is not declared as final |
CODSTA.BP.FPF-3 |
|
17:
|
Variable 'loanAmount' does not end with 'double' |
NAMING.UHN-4 |
|
18:
|
Opening brace '{' is not on the same line as the method declaration |
APSC_DV.003215.FCB-3 |
|
18:
|
Opening brace '{' is not on the same line as the method declaration |
FORMAT.FCB-3 |
|
19:
|
The declaration of the local variable 'request' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
20:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
PB.NUM.BBDCC-2 |
|
20:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
CERT.NUM10.BBDCC-3 |
|
21:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
PB.NUM.BBDCC-2 |
|
21:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
CERT.NUM10.BBDCC-3 |
|
22:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
PB.NUM.BBDCC-2 |
|
22:
|
The 'BigDecimal' constructor is called with a floating point value as an argument |
CERT.NUM10.BBDCC-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/domain/util/LoanResponseBuilder.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.LoanResponse |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
7:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Missing Javadoc comment for 'LoanResponseBuilder' |
JAVADOC.PJDC-3 |
|
7:
|
Public clone method missing |
OOP.MUCOP-3 |
|
7:
|
Static creation method missing |
OOP.MUCOP-3 |
|
7:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
7:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
7:
|
Class 'com.parasoft.parabank.domain.util.LoanResponseBuilder' should be declared "final" |
GLOBAL.SPPC-5 |
|
7:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
7:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
7:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
7:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Missing 'getResponseDate()' method for field 'responseDate' |
BEAN.NFM-4 |
|
8:
|
Missing 'setResponseDate()' method for field 'responseDate' |
BEAN.NFM-4 |
|
8:
|
Inspect usage of the 'Date' object 'responseDate' |
SECURITY.BV.ADT-5 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Missing 'getLoanProviderName()' method for field 'loanProviderName' |
BEAN.NFM-4 |
|
9:
|
Missing 'setLoanProviderName()' method for field 'loanProviderName' |
BEAN.NFM-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Missing 'isApproved()' method for field 'approved' |
BEAN.NFM-4 |
|
10:
|
Missing 'setApproved()' method for field 'approved' |
BEAN.NFM-4 |
|
10:
|
Variable 'approved' does not end with 'boolean' |
NAMING.UHN-4 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Missing 'getMessage()' method for field 'message' |
BEAN.NFM-4 |
|
11:
|
Missing 'setMessage()' method for field 'message' |
BEAN.NFM-4 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Missing 'getAccountId()' method for field 'accountId' |
BEAN.NFM-4 |
|
12:
|
Missing 'setAccountId()' method for field 'accountId' |
BEAN.NFM-4 |
|
14:
|
No JUnit test method defined for 'LoanResponseBuilder()' |
JUNIT.TEST-2 |
|
14:
|
Missing Javadoc comment for method 'LoanResponseBuilder()' |
JAVADOC.PJDM-3 |
|
14:
|
Field 'approved', declared on line 10, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
14:
|
Field 'accountId', declared on line 12, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
14:
|
Field 'loanProviderName', declared on line 9, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
14:
|
Field 'message', declared on line 11, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
15:
|
Opening brace '{' is not on the same line as the constructor declaration |
APSC_DV.003215.FCB-3 |
|
15:
|
Opening brace '{' is not on the same line as the constructor declaration |
FORMAT.FCB-3 |
|
19:
|
No JUnit test method defined for 'date()' |
JUNIT.TEST-2 |
|
19:
|
The method 'date' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
19:
|
Missing Javadoc comment for method 'date()' |
JAVADOC.PJDM-3 |
|
19:
|
Globally unused "public" method: date() |
GLOBAL.UPPM-4 |
|
19:
|
Method 'date' returns a value, but 'responseDate' changes state on line: '20' |
OOP.CQS-4 |
|
19:
|
Formal parameter 'date' is not declared as final |
CODSTA.BP.FPF-3 |
|
19:
|
Inspect usage of the 'Date' object 'date' |
SECURITY.BV.ADT-5 |
|
20:
|
This assignment may store the original parameter 'date' rather than a copy of the parameter into the field 'responseDate' |
CERT.OBJ05.SMO-1 |
|
20:
|
This assignment may store the original parameter 'date' rather than a copy of the parameter into the field 'responseDate' |
CERT.OBJ06.SMO-2 |
|
20:
|
This assignment may store the original parameter 'date' rather than a copy of the parameter into the field 'responseDate' |
CERT.OBJ04.SMO-3 |
|
20:
|
This assignment may store the original parameter 'date' rather than a copy of the parameter into the field 'responseDate' |
SECURITY.EAB.SMO-3 |
|
24:
|
No JUnit test method defined for 'providerName()' |
JUNIT.TEST-2 |
|
24:
|
The method 'providerName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Missing Javadoc comment for method 'providerName()' |
JAVADOC.PJDM-3 |
|
24:
|
Globally unused "public" method: providerName() |
GLOBAL.UPPM-4 |
|
24:
|
Method 'providerName' returns a value, but 'loanProviderName' changes state on line: '25' |
OOP.CQS-4 |
|
24:
|
Formal parameter 'name' is not declared as final |
CODSTA.BP.FPF-3 |
|
29:
|
No JUnit test method defined for 'message()' |
JUNIT.TEST-2 |
|
29:
|
The method 'message' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
29:
|
Missing Javadoc comment for method 'message()' |
JAVADOC.PJDM-3 |
|
29:
|
Method 'message' returns a value, but 'message' changes state on line: '30' |
OOP.CQS-4 |
|
29:
|
Method 'message()' should be declared "final" |
GLOBAL.SPPM-5 |
|
29:
|
Formal parameter 'message' is not declared as final |
CODSTA.BP.FPF-3 |
|
29:
|
The parameter 'message' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
29:
|
Parameter 'message' has the same name as a field |
OOP.HMF-3 |
|
34:
|
No JUnit test method defined for 'accountId()' |
JUNIT.TEST-2 |
|
34:
|
The method 'accountId' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
34:
|
Missing Javadoc comment for method 'accountId()' |
JAVADOC.PJDM-3 |
|
34:
|
Method 'accountId' returns a value, but 'accountId' changes state on line: '35' |
OOP.CQS-4 |
|
34:
|
Method 'accountId()' should be declared "final" |
GLOBAL.SPPM-5 |
|
34:
|
Formal parameter 'accountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
34:
|
The parameter 'accountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
34:
|
Parameter 'accountId' has the same name as a field |
OOP.HMF-3 |
|
39:
|
No JUnit test method defined for 'approved()' |
JUNIT.TEST-2 |
|
39:
|
The method 'approved' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
39:
|
Missing Javadoc comment for method 'approved()' |
JAVADOC.PJDM-3 |
|
39:
|
Method 'approved' returns a value, but 'approved' changes state on line: '40' |
OOP.CQS-4 |
|
39:
|
Method 'approved()' should be declared "final" |
GLOBAL.SPPM-5 |
|
39:
|
Formal parameter 'approved' is not declared as final |
CODSTA.BP.FPF-3 |
|
39:
|
The parameter 'approved' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
39:
|
Parameter 'approved' has the same name as a field |
OOP.HMF-3 |
|
39:
|
Variable 'approved' does not end with 'boolean' |
NAMING.UHN-4 |
|
44:
|
No JUnit test method defined for 'build()' |
JUNIT.TEST-2 |
|
44:
|
The method 'build' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
44:
|
Missing Javadoc comment for method 'build()' |
JAVADOC.PJDM-3 |
|
44:
|
Method 'build' could use a return parameter instead of returning a new 'LoanResponse' object |
MOBILE.J2ME.EURP-3 |
|
44:
|
Method 'build()' should be declared "final" |
GLOBAL.SPPM-5 |
|
45:
|
The declaration of the local variable 'response' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
46:
|
Parenthesis not followed by 1 space |
APSC_DV.003215.SAP-3 |
|
46:
|
Parenthesis not followed by 1 space |
FORMAT.SAP-3 |
|
48:
|
This close brace does not have an end-of-line comment to indicate which statement it goes with |
CODSTA.READ.CCB-3 |
| +
|
50:
|
"this.loanProviderName" is used prior to explicit initialization |
BD.PB.NOTEXPLINIT-1 |
| |
|
AbstractLoanProcessor.java (21): new LoanResponseBuilder()
Source of implicitly initialized value
LoanResponseBuilder.java (9): private String loanProviderName; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (16): responseDate = new Date();
AbstractLoanProcessor.java (21): new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder().loanProviderName
LoanResponseBuilder.java (35): this.accountId = accountId; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (36): return this;
AbstractLoanProcessor.java (21): LoanResponseBuilder builder = new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder() .accountId(0).loanProviderName
LoanResponseBuilder.java (40): this.approved = approved; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (41): return this;
AbstractLoanProcessor.java (25): if (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) { *** Not explicitly initialized value: builder.loanProviderName *** Condition evaluation: (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) (assuming false)
AbstractLoanProcessor.java (31): if (getQualifier(loanRequest) < getThreshold()) { *** Condition evaluation: (getQualifier(loanRequest) < getThreshold()) (assuming false)
AbstractLoanProcessor.java (36): builder.build()
LoanResponseBuilder.java (45): LoanResponse response = new LoanResponse(); *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (46): if (accountId.intValue() > 0) { *** Condition evaluation: (accountId.intValue() > 0) (assuming false)
LoanResponseBuilder.java (49): response.setApproved(approved);
Usage point
LoanResponseBuilder.java (50): response.setLoanProviderName(loanProviderName); *** Not explicitly initialized value: this.loanProviderName |
|
| +
|
50:
|
"this.loanProviderName" is used prior to explicit initialization |
CWE.457.NOTEXPLINIT-1 |
| |
|
AbstractLoanProcessor.java (21): new LoanResponseBuilder()
Source of implicitly initialized value
LoanResponseBuilder.java (9): private String loanProviderName; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (16): responseDate = new Date();
AbstractLoanProcessor.java (21): new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder().loanProviderName
LoanResponseBuilder.java (35): this.accountId = accountId; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (36): return this;
AbstractLoanProcessor.java (21): LoanResponseBuilder builder = new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder() .accountId(0).loanProviderName
LoanResponseBuilder.java (40): this.approved = approved; *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (41): return this;
AbstractLoanProcessor.java (25): if (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) { *** Not explicitly initialized value: builder.loanProviderName *** Condition evaluation: (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) (assuming false)
AbstractLoanProcessor.java (31): if (getQualifier(loanRequest) < getThreshold()) { *** Condition evaluation: (getQualifier(loanRequest) < getThreshold()) (assuming false)
AbstractLoanProcessor.java (36): builder.build()
LoanResponseBuilder.java (45): LoanResponse response = new LoanResponse(); *** Not explicitly initialized value: this.loanProviderName
LoanResponseBuilder.java (46): if (accountId.intValue() > 0) { *** Condition evaluation: (accountId.intValue() > 0) (assuming false)
LoanResponseBuilder.java (49): response.setApproved(approved);
Usage point
LoanResponseBuilder.java (50): response.setLoanProviderName(loanProviderName); *** Not explicitly initialized value: this.loanProviderName |
|
| +
|
51:
|
"this.message" is used prior to explicit initialization |
BD.PB.NOTEXPLINIT-1 |
| |
|
AbstractLoanProcessor.java (21): new LoanResponseBuilder()
Source of implicitly initialized value
LoanResponseBuilder.java (11): private String message; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (16): responseDate = new Date();
AbstractLoanProcessor.java (21): new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder().message
LoanResponseBuilder.java (35): this.accountId = accountId; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (36): return this;
AbstractLoanProcessor.java (21): LoanResponseBuilder builder = new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder() .accountId(0).message
LoanResponseBuilder.java (40): this.approved = approved; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (41): return this;
AbstractLoanProcessor.java (25): if (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) { *** Not explicitly initialized value: builder.message *** Condition evaluation: (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) (assuming false)
AbstractLoanProcessor.java (31): if (getQualifier(loanRequest) < getThreshold()) { *** Condition evaluation: (getQualifier(loanRequest) < getThreshold()) (assuming false)
AbstractLoanProcessor.java (36): builder.build()
LoanResponseBuilder.java (45): LoanResponse response = new LoanResponse(); *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (46): if (accountId.intValue() > 0) { *** Condition evaluation: (accountId.intValue() > 0) (assuming false)
LoanResponseBuilder.java (49): response.setApproved(approved);
LoanResponseBuilder.java (50): response.setLoanProviderName(loanProviderName);
Usage point
LoanResponseBuilder.java (51): response.setMessage(message); *** Not explicitly initialized value: this.message |
|
| +
|
51:
|
"this.message" is used prior to explicit initialization |
CWE.457.NOTEXPLINIT-1 |
| |
|
AbstractLoanProcessor.java (21): new LoanResponseBuilder()
Source of implicitly initialized value
LoanResponseBuilder.java (11): private String message; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (16): responseDate = new Date();
AbstractLoanProcessor.java (21): new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder().message
LoanResponseBuilder.java (35): this.accountId = accountId; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (36): return this;
AbstractLoanProcessor.java (21): LoanResponseBuilder builder = new LoanResponseBuilder() *** Not explicitly initialized value: new LoanResponseBuilder() .accountId(0).message
LoanResponseBuilder.java (40): this.approved = approved; *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (41): return this;
AbstractLoanProcessor.java (25): if (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) { *** Not explicitly initialized value: builder.message *** Condition evaluation: (loanRequest.getDownPayment().compareTo(loanRequest.getAvailableFunds()) > 0) (assuming false)
AbstractLoanProcessor.java (31): if (getQualifier(loanRequest) < getThreshold()) { *** Condition evaluation: (getQualifier(loanRequest) < getThreshold()) (assuming false)
AbstractLoanProcessor.java (36): builder.build()
LoanResponseBuilder.java (45): LoanResponse response = new LoanResponse(); *** Not explicitly initialized value: this.message
LoanResponseBuilder.java (46): if (accountId.intValue() > 0) { *** Condition evaluation: (accountId.intValue() > 0) (assuming false)
LoanResponseBuilder.java (49): response.setApproved(approved);
LoanResponseBuilder.java (50): response.setLoanProviderName(loanProviderName);
Usage point
LoanResponseBuilder.java (51): response.setMessage(message); *** Not explicitly initialized value: this.message |
|
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/messaging/LocalLoanProvider.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.LoanProvider" not separated by 1 blank line from previous "import" from a different
package |
APSC_DV.003215.BLSIM-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.LoanProvider" not separated by 1 blank line from previous "import" from a different
package |
FORMAT.BLSIM-3 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
11:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
11:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
11:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
11:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
11:
|
Missing Javadoc tag '@since' for class 'LocalLoanProvider' |
JAVADOC.ECTT-3 |
|
11:
|
Public clone method missing |
OOP.MUCOP-3 |
|
11:
|
Static creation method missing |
OOP.MUCOP-3 |
|
11:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
11:
|
Globally unused "public" class: com.parasoft.parabank.messaging.LocalLoanProvider |
GLOBAL.UPPC-4 |
|
11:
|
Missing '@author' Javadoc tag: LocalLoanProvider |
JAVADOC.MAJDT-4 |
|
11:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
11:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
11:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
11:
|
"class" missing a no argument constructor: LocalLoanProvider |
CODSTA.POD.DCTOR-5 |
|
11:
|
"public" class without an '@invariant' contract: LocalLoanProvider |
DBC.PUBC-3 |
|
11:
|
Missing '@version' Javadoc tag: LocalLoanProvider |
JAVADOC.MVJDT-3 |
|
11:
|
Number of Javadoc comments are below thresholds (%): 17.0 |
METRICS.PJDC-3 |
|
11:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
11:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
12:
|
Missing 'getLoanProcessor()' method for field 'loanProcessor' |
BEAN.NFM-4 |
|
12:
|
Field 'loanProcessor' is not initialized in its declaration |
INIT.CSI-4 |
|
13:
|
Line is longer than 80 characters: 133 |
APSC_DV.003215.LL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Line is longer than 80 characters: 133 |
FORMAT.LL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Missing 'getLoanProviderName()' method for field 'loanProviderName' |
BEAN.NFM-4 |
|
13:
|
Field 'loanProviderName' is not initialized in its declaration |
INIT.CSI-4 |
|
15:
|
No JUnit test method defined for 'setLoanProcessor()' |
JUNIT.TEST-2 |
|
15:
|
Globally unused "public" method: setLoanProcessor() |
GLOBAL.UPPM-4 |
|
15:
|
Setter method 'setLoanProcessor()' is not declared "final" |
OPT.MAF-5 |
|
15:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
15:
|
Formal parameter 'loanProcessor' is not declared as final |
CODSTA.BP.FPF-3 |
|
15:
|
The parameter 'loanProcessor' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
15:
|
Parameter 'loanProcessor' has the same name as a field |
OOP.HMF-3 |
|
19:
|
No JUnit test method defined for 'setLoanProviderName()' |
JUNIT.TEST-2 |
|
19:
|
Globally unused "public" method: setLoanProviderName() |
GLOBAL.UPPM-4 |
|
19:
|
Setter method 'setLoanProviderName()' is not declared "final" |
OPT.MAF-5 |
|
19:
|
Formal parameter 'loanProviderName' is not declared as final |
CODSTA.BP.FPF-3 |
|
19:
|
The parameter 'loanProviderName' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
19:
|
Parameter 'loanProviderName' has the same name as a field |
OOP.HMF-3 |
| +
|
24:
|
Method "requestLoan" is calling itself |
BD.PB.RECFUN-5 |
| |
|
Recursive method header
LocalLoanProvider.java (24): requestLoan(LoanRequest loanRequest)
Recursive method call
LocalLoanProvider.java (25): LoanResponse loanResponse = loanProcessor.requestLoan(loanRequest);
Recursive method call
ConfigurableLoanProvider.java (73): getLoanProvider().requestLoan(loanRequest) |
|
|
24:
|
No JUnit test method defined for 'requestLoan()' |
JUNIT.TEST-2 |
|
24:
|
The method 'requestLoan' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Missing Javadoc comment for method 'requestLoan()' |
JAVADOC.PJDM-3 |
|
24:
|
Formal parameter 'loanRequest' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The declaration of the local variable 'loanResponse' is not followed by a comment |
CODSTA.READ.CLV-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/AdminManagerAware.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Missing Javadoc comment for 'AdminManagerAware' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
7:
|
Missing Javadoc comment for method 'setAdminManager()' |
JAVADOC.PJDM-3 |
|
7:
|
interface type 'AdminManager' is used |
MOBILE.AUI-3 |
|
11:
|
Misspelled word 'admin' |
JAVADOC.SPELL-3 |
|
17:
|
interface type 'AdminManager' is used |
MOBILE.AUI-3 |
|
17:
|
The '@post'/'@return' tag(s) for the method 'getAdminManager' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
17:
|
"public" method without a '@post' contract: getAdminManager () |
DBC.PUBMPOST-3 |
|
17:
|
"public" method without a '@pre' contract: getAdminManager |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/BankManagerAware.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
5:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
5:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
5:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
5:
|
Missing Javadoc comment for 'BankManagerAware' |
JAVADOC.PJDC-3 |
|
5:
|
Public clone method missing |
OOP.MUCOP-3 |
|
5:
|
Static creation method missing |
OOP.MUCOP-3 |
|
5:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
5:
|
The interface 'BankManagerAware' is never implemented |
GLOBAL.NIE-4 |
|
5:
|
Globally unused "public" interface: com.parasoft.parabank.service.BankManagerAware |
GLOBAL.UPPC-4 |
|
5:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
5:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
5:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
7:
|
Missing Javadoc comment for method 'setBankManager()' |
JAVADOC.PJDM-3 |
|
7:
|
interface type 'BankManager' is used |
MOBILE.AUI-3 |
|
17:
|
interface type 'BankManager' is used |
MOBILE.AUI-3 |
|
17:
|
The '@post'/'@return' tag(s) for the method 'getBankManager' do not properly describe whether or not the method can return
null |
JAVADOC.CRN-3 |
|
17:
|
"public" method without a '@post' contract: getBankManager () |
DBC.PUBMPOST-3 |
|
17:
|
"public" method without a '@pre' contract: getBankManager |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/CustomerConstants.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Interface 'CustomerConstants' contains only fields |
CODSTA.POD.ACIAP-3 |
|
3:
|
Missing Javadoc comment for 'CustomerConstants' |
JAVADOC.PJDC-3 |
|
3:
|
Constant declared in an "interface": 'CustomerConstants' |
CODSTA.POD.ISACF-4 |
|
3:
|
Interface 'com.parasoft.parabank.service.CustomerConstants' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
'CustomerConstants' contains too many fields: 27 |
METRICS.NOFT-4 |
|
3:
|
CustomerConstants contains too many "public" fields: 27 |
METRICS.NPUBF-2 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
5:
|
Missing Javadoc comment for 'ACCOUNT_ID' |
JAVADOC.PJDF-3 |
|
5:
|
Non internationalized string: "accountId" |
INTER.ITT-3 |
|
7:
|
Missing Javadoc comment for 'BILL_PAY_ACCOUNT_ID_DESC' |
JAVADOC.PJDF-3 |
|
7:
|
Non internationalized string: "Bill payment source account" |
INTER.ITT-3 |
|
9:
|
Missing Javadoc comment for 'CITY' |
JAVADOC.PJDF-3 |
|
9:
|
Non internationalized string: "city" |
INTER.ITT-3 |
|
11:
|
Missing Javadoc comment for 'CITY_DESC' |
JAVADOC.PJDF-3 |
|
11:
|
Non internationalized string: "City" |
INTER.ITT-3 |
|
13:
|
Missing Javadoc comment for 'CUSTOMER_ACCOUNT_DEP_DESC' |
JAVADOC.PJDF-3 |
|
13:
|
Non internationalized string: "Customer funds target account" |
INTER.ITT-3 |
|
15:
|
Missing Javadoc comment for 'CUSTOMER_ACCOUNT_DESC' |
JAVADOC.PJDF-3 |
|
15:
|
Non internationalized string: "Customer funds source account" |
INTER.ITT-3 |
|
17:
|
Missing Javadoc comment for 'CUSTOMER_ACCOUNT_FETCH_DESC' |
JAVADOC.PJDF-3 |
|
17:
|
Non internationalized string: "Account id" |
INTER.ITT-3 |
|
19:
|
Missing Javadoc comment for 'CUSTOMER_FIRST_NAME_DESC' |
JAVADOC.PJDF-3 |
|
19:
|
Non internationalized string: "Customer's given (first) name" |
INTER.ITT-3 |
|
21:
|
Missing Javadoc comment for 'CUSTOMER_ID' |
JAVADOC.PJDF-3 |
|
21:
|
Non internationalized string: "customerId" |
INTER.ITT-3 |
|
23:
|
Missing Javadoc comment for 'CUSTOMER_ID_DESC' |
JAVADOC.PJDF-3 |
|
23:
|
Non internationalized string: "Customer's id" |
INTER.ITT-3 |
|
25:
|
Missing Javadoc comment for 'CUSTOMER_LAST_NAME_DESC' |
JAVADOC.PJDF-3 |
|
25:
|
Non internationalized string: "Customer's surname (last name)" |
INTER.ITT-3 |
|
27:
|
Missing Javadoc comment for 'CUSTOMERS_PASSWORD_DESC' |
JAVADOC.PJDF-3 |
|
27:
|
Non internationalized string: "Customer's password" |
INTER.ITT-3 |
|
29:
|
Missing Javadoc comment for 'CUSTOMERS_USER_NAME_DESC' |
JAVADOC.PJDF-3 |
|
29:
|
Non internationalized string: "Customer's user name" |
INTER.ITT-3 |
|
31:
|
Missing Javadoc comment for 'FIRST_NAME' |
JAVADOC.PJDF-3 |
|
31:
|
Non internationalized string: "firstName" |
INTER.ITT-3 |
|
33:
|
Missing Javadoc comment for 'LAST_NAME' |
JAVADOC.PJDF-3 |
|
33:
|
Non internationalized string: "lastName" |
INTER.ITT-3 |
|
35:
|
Missing Javadoc comment for 'PASSWORD' |
JAVADOC.PJDF-3 |
|
35:
|
Non internationalized string: "password" |
INTER.ITT-3 |
|
37:
|
Missing Javadoc comment for 'PHONE_NUMBER' |
JAVADOC.PJDF-3 |
|
37:
|
Non internationalized string: "phoneNumber" |
INTER.ITT-3 |
|
39:
|
Missing Javadoc comment for 'PHONE_NUMBER_DESC' |
JAVADOC.PJDF-3 |
|
39:
|
Non internationalized string: "Contact Phone Number" |
INTER.ITT-3 |
|
41:
|
Missing Javadoc comment for 'SSN' |
JAVADOC.PJDF-3 |
|
41:
|
Non internationalized string: "ssn" |
INTER.ITT-3 |
|
41:
|
Misspelled word 'ssn' |
JAVADOC.SPELL-3 |
|
43:
|
Missing Javadoc comment for 'SSN_DESC' |
JAVADOC.PJDF-3 |
|
43:
|
Non internationalized string: "Social Security Number" |
INTER.ITT-3 |
|
45:
|
Missing Javadoc comment for 'STATE' |
JAVADOC.PJDF-3 |
|
45:
|
Non internationalized string: "state" |
INTER.ITT-3 |
|
47:
|
Missing Javadoc comment for 'STATE_DESC' |
JAVADOC.PJDF-3 |
|
47:
|
Non internationalized string: "US state or Region name" |
INTER.ITT-3 |
|
49:
|
Missing Javadoc comment for 'STREET' |
JAVADOC.PJDF-3 |
|
49:
|
Non internationalized string: "street" |
INTER.ITT-3 |
|
51:
|
Line is longer than 80 characters: 98 |
APSC_DV.003215.LL-3 |
|
51:
|
Line is longer than 80 characters: 98 |
FORMAT.LL-3 |
|
51:
|
Missing Javadoc comment for 'STREET_ADDRESS_DESC' |
JAVADOC.PJDF-3 |
|
51:
|
Non internationalized string: "Street Address including bilding number and apartment (if any)" |
INTER.ITT-3 |
|
51:
|
Misspelled word 'bilding' |
JAVADOC.SPELL-3 |
|
53:
|
Missing Javadoc comment for 'USERNAME' |
JAVADOC.PJDF-3 |
|
53:
|
Non internationalized string: "username" |
INTER.ITT-3 |
|
55:
|
Missing Javadoc comment for 'ZIP_CODE' |
JAVADOC.PJDF-3 |
|
55:
|
Non internationalized string: "zipCode" |
INTER.ITT-3 |
|
57:
|
Missing Javadoc comment for 'ZIP_CODE_DESC' |
JAVADOC.PJDF-3 |
|
57:
|
Non internationalized string: "ZIP code or province id" |
INTER.ITT-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/LoanProcessorServiceImpl.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.LoanProvider" not separated by 1 blank line from previous "import" from a different
package |
APSC_DV.003215.BLSIM-3 |
|
5:
|
"import com.parasoft.parabank.domain.logic.LoanProvider" not separated by 1 blank line from previous "import" from a different
package |
FORMAT.BLSIM-3 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Line is longer than 80 characters: 114 |
APSC_DV.003215.LL-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Line is longer than 80 characters: 114 |
FORMAT.LL-3 |
|
7:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
7:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
7:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
7:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
7:
|
getter method without an @invariant contract: getLoanProcessor() |
DBC.IGM-3 |
|
7:
|
getter method without an @invariant contract: getLoanProviderName() |
DBC.IGM-3 |
|
7:
|
Missing Javadoc comment for 'LoanProcessorServiceImpl' |
JAVADOC.PJDC-3 |
|
7:
|
Public clone method missing |
OOP.MUCOP-3 |
|
7:
|
Static creation method missing |
OOP.MUCOP-3 |
|
7:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
7:
|
Globally unused "public" class: com.parasoft.parabank.service.LoanProcessorServiceImpl |
GLOBAL.UPPC-4 |
|
7:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
7:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
7:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
7:
|
"class" missing a no argument constructor: LoanProcessorServiceImpl |
CODSTA.POD.DCTOR-5 |
|
7:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
7:
|
interface type 'LoanProcessorService' is used |
MOBILE.AUI-3 |
|
7:
|
interface type 'LoanProcessorAware' is used |
MOBILE.AUI-3 |
|
7:
|
interface type 'LoanProviderNameAware' is used |
MOBILE.AUI-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
8:
|
Field 'loanProcessor' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Field 'loanProviderName' is not initialized in its declaration |
INIT.CSI-4 |
|
14:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
14:
|
No JUnit test method defined for 'getLoanProcessor()' |
JUNIT.TEST-2 |
|
14:
|
The method 'getLoanProcessor' should include an '@post' or '@return' tag describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
14:
|
Missing Javadoc tag '@since' for method 'getLoanProcessor()' |
JAVADOC.ECTM-3 |
|
14:
|
Method 'getLoanProcessor()' should be declared "final" |
GLOBAL.SPPM-5 |
|
14:
|
"public" method without a '@post' contract: getLoanProcessor () |
DBC.PUBMPOST-3 |
|
14:
|
"public" method without a '@pre' contract: getLoanProcessor |
DBC.PUBMPRE-3 |
|
14:
|
Getter method 'getLoanProcessor()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
"public" method without a '@post' contract: getLoanProviderName () |
DBC.PUBMPOST-3 |
|
20:
|
"public" method without a '@pre' contract: getLoanProviderName |
DBC.PUBMPRE-3 |
|
20:
|
Getter method 'getLoanProviderName()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'getLoanProviderName()' |
JUNIT.TEST-2 |
|
20:
|
The method 'getLoanProviderName' should include an '@post' or '@return' tag describing whether or not the method can return
null |
JAVADOC.CRN-3 |
|
20:
|
Missing Javadoc tag '@since' for method 'getLoanProviderName()' |
JAVADOC.ECTM-3 |
|
20:
|
Method 'getLoanProviderName()' should be declared "final" |
GLOBAL.SPPM-5 |
|
26:
|
Line is longer than 80 characters: 100 |
APSC_DV.003215.LL-3 |
|
26:
|
Line is longer than 80 characters: 100 |
FORMAT.LL-3 |
|
26:
|
No JUnit test method defined for 'requestLoan()' |
JUNIT.TEST-2 |
|
26:
|
The method 'requestLoan' should include an '@post' or '@return' tag describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
26:
|
Missing Javadoc tag '@since' for method 'requestLoan()' |
JAVADOC.ECTM-3 |
|
26:
|
Globally unused "public" method: requestLoan() |
GLOBAL.UPPM-4 |
|
26:
|
"public" method without a '@post' contract: requestLoan () |
DBC.PUBMPOST-3 |
|
26:
|
"public" method without a '@pre' contract: requestLoan |
DBC.PUBMPRE-3 |
|
26:
|
Exception 'ParaBankServiceException' is not thrown in the body of method 'requestLoan' |
GLOBAL.AUT-2 |
|
27:
|
Line is longer than 80 characters: 82 |
APSC_DV.003215.LL-3 |
|
27:
|
Line is longer than 80 characters: 82 |
FORMAT.LL-3 |
|
27:
|
The declaration of the local variable 'response' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
27:
|
Access the field 'loanProcessor' directly instead of using the method 'getLoanProcessor' |
CODSTA.READ.AFD-3 |
|
27:
|
The return value of 'getLoanProcessor()' is not guaranteed by a DbC annotation to be non-null |
DBC.IMNR-3 |
|
27:
|
getter method 'getLoanProcessor' is used |
MOBILE.AMA-3 |
|
28:
|
Access the field 'loanProviderName' directly instead of using the method 'getLoanProviderName' |
CODSTA.READ.AFD-3 |
|
28:
|
getter method 'getLoanProviderName' is used |
MOBILE.AMA-3 |
|
34:
|
No JUnit test method defined for 'setLoanProcessor()' |
JUNIT.TEST-2 |
|
34:
|
Missing Javadoc tag '@since' for method 'setLoanProcessor()' |
JAVADOC.ECTM-3 |
|
34:
|
"public" method without a '@post' contract: setLoanProcessor () |
DBC.PUBMPOST-3 |
|
34:
|
"public" method without a '@pre' contract: setLoanProcessor |
DBC.PUBMPRE-3 |
|
34:
|
Setter method 'setLoanProcessor()' is not declared "final" |
OPT.MAF-5 |
|
34:
|
interface type 'LoanProvider' is used |
MOBILE.AUI-3 |
|
34:
|
The parameter 'loanProcessor' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
34:
|
Parameter 'loanProcessor' has the same name as a field |
OOP.HMF-3 |
|
40:
|
No JUnit test method defined for 'setLoanProviderName()' |
JUNIT.TEST-2 |
|
40:
|
Missing Javadoc tag '@since' for method 'setLoanProviderName()' |
JAVADOC.ECTM-3 |
|
40:
|
"public" method without a '@post' contract: setLoanProviderName () |
DBC.PUBMPOST-3 |
|
40:
|
"public" method without a '@pre' contract: setLoanProviderName |
DBC.PUBMPRE-3 |
|
40:
|
Setter method 'setLoanProviderName()' is not declared "final" |
OPT.MAF-5 |
|
40:
|
The parameter 'loanProviderName' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
40:
|
Parameter 'loanProviderName' has the same name as a field |
OOP.HMF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/ParaBankServiceConstants.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Interface 'ParaBankServiceConstants' contains only fields |
CODSTA.POD.ACIAP-3 |
|
3:
|
Missing Javadoc comment for 'ParaBankServiceConstants' |
JAVADOC.PJDC-3 |
|
3:
|
Constant declared in an "interface": 'ParaBankServiceConstants' |
CODSTA.POD.ISACF-4 |
|
3:
|
Globally unused "public" interface: com.parasoft.parabank.service.ParaBankServiceConstants |
GLOBAL.UPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
'ParaBankServiceConstants' contains too many fields: 25 |
METRICS.NOFT-4 |
|
3:
|
ParaBankServiceConstants contains too many "public" fields: 25 |
METRICS.NPUBF-2 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
3:
|
interface type 'CustomerConstants' is used |
MOBILE.AUI-3 |
|
5:
|
Missing Javadoc comment for 'ACCOUNT_TYPE_DESC' |
JAVADOC.PJDF-3 |
|
5:
|
Non internationalized string: "Account type (CHECKING, SAVINGS, LOAN)" |
INTER.ITT-3 |
|
7:
|
Missing Javadoc comment for 'ACCOUNTS' |
JAVADOC.PJDF-3 |
|
7:
|
Non internationalized string: "Accounts" |
INTER.ITT-3 |
|
9:
|
Missing Javadoc comment for 'AMOUNT_DESC' |
JAVADOC.PJDF-3 |
|
9:
|
Non internationalized string: "Amount" |
INTER.ITT-3 |
|
11:
|
Missing Javadoc comment for 'CUSTOMERS' |
JAVADOC.PJDF-3 |
|
11:
|
Non internationalized string: "Customers" |
INTER.ITT-3 |
|
13:
|
Missing Javadoc comment for 'DATABASE' |
JAVADOC.PJDF-3 |
|
13:
|
Non internationalized string: "Database" |
INTER.ITT-3 |
|
15:
|
Missing Javadoc comment for 'DATE_DESC' |
JAVADOC.PJDF-3 |
|
15:
|
Non internationalized string: "Search specific date" |
INTER.ITT-3 |
|
17:
|
Missing Javadoc comment for 'DOWNPAYMENT_DESC' |
JAVADOC.PJDF-3 |
|
17:
|
Non internationalized string: "Downpayment for the loan" |
INTER.ITT-3 |
|
17:
|
Misspelled word 'Downpayment' |
JAVADOC.SPELL-3 |
|
19:
|
Missing Javadoc comment for 'END_DATE_DESC' |
JAVADOC.PJDF-3 |
|
19:
|
Non internationalized string: "Search ending date" |
INTER.ITT-3 |
|
21:
|
Missing Javadoc comment for 'INSTRUMENT_NAME' |
JAVADOC.PJDF-3 |
|
21:
|
Non internationalized string: "Instrument's Name" |
INTER.ITT-3 |
|
23:
|
Missing Javadoc comment for 'INSTRUMENT_SYMBOL' |
JAVADOC.PJDF-3 |
|
23:
|
Non internationalized string: "Instrument's exchange symbol" |
INTER.ITT-3 |
|
25:
|
Missing Javadoc comment for 'JMS' |
JAVADOC.PJDF-3 |
|
25:
|
Non internationalized string: "JMS" |
INTER.ITT-3 |
|
27:
|
Missing Javadoc comment for 'LOANS' |
JAVADOC.PJDF-3 |
|
27:
|
Non internationalized string: "Loans" |
INTER.ITT-3 |
|
29:
|
Missing Javadoc comment for 'MISC' |
JAVADOC.PJDF-3 |
|
29:
|
Non internationalized string: "Misc" |
INTER.ITT-3 |
|
29:
|
Misspelled word 'Misc' |
JAVADOC.SPELL-3 |
|
31:
|
Missing Javadoc comment for 'MONTH_DESC' |
JAVADOC.PJDF-3 |
|
31:
|
Non internationalized string: "Month to use for the search range" |
INTER.ITT-3 |
|
33:
|
Missing Javadoc comment for 'NUMBER_OF_SHARES_DESC' |
JAVADOC.PJDF-3 |
|
33:
|
Non internationalized string: "number of shares" |
INTER.ITT-3 |
|
35:
|
Missing Javadoc comment for 'PARAMETER_NAME' |
JAVADOC.PJDF-3 |
|
35:
|
Non internationalized string: "Parameter Name" |
INTER.ITT-3 |
|
37:
|
Missing Javadoc comment for 'PARAMETER_VALUE' |
JAVADOC.PJDF-3 |
|
37:
|
Non internationalized string: "Parameter Value" |
INTER.ITT-3 |
|
39:
|
Missing Javadoc comment for 'POSITION_ID_DESC' |
JAVADOC.PJDF-3 |
|
39:
|
Non internationalized string: "Unique identifier for the position" |
INTER.ITT-3 |
|
41:
|
Missing Javadoc comment for 'POSITIONS' |
JAVADOC.PJDF-3 |
|
41:
|
Non internationalized string: "Positions" |
INTER.ITT-3 |
|
43:
|
Missing Javadoc comment for 'PRICE_PER_SHARE_DESC' |
JAVADOC.PJDF-3 |
|
43:
|
Non internationalized string: "Price of each share" |
INTER.ITT-3 |
|
45:
|
Missing Javadoc comment for 'START_DATE_DESC' |
JAVADOC.PJDF-3 |
|
45:
|
Non internationalized string: "Search starting date" |
INTER.ITT-3 |
|
47:
|
Missing Javadoc comment for 'TNS' |
JAVADOC.PJDF-3 |
|
47:
|
Non internationalized string: "http://service.parabank.parasoft.com/" |
INTER.ITT-3 |
|
49:
|
Missing Javadoc comment for 'TRANSACTION_ID_DESC' |
JAVADOC.PJDF-3 |
|
49:
|
Non internationalized string: "Unique identifier for the transaction" |
INTER.ITT-3 |
|
51:
|
Missing Javadoc comment for 'TRANSACTION_TYPE_DESC' |
JAVADOC.PJDF-3 |
|
51:
|
Non internationalized string: "Transaction type (CREDIT, DEBIT)" |
INTER.ITT-3 |
|
53:
|
Missing Javadoc comment for 'TRANSACTIONS' |
JAVADOC.PJDF-3 |
|
53:
|
Non internationalized string: "Transactions" |
INTER.ITT-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/service/ParaBankServiceException.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
Missing Javadoc tag '@since' for class 'ParaBankServiceException' |
JAVADOC.ECTT-3 |
|
6:
|
ParaBankServiceException implements Serializable instead of Externalizable |
SERIAL.EZEE-3 |
|
6:
|
Class 'com.parasoft.parabank.service.ParaBankServiceException' should be declared "package-private" |
GLOBAL.DPPC-4 |
|
6:
|
Missing '@author' Javadoc tag: ParaBankServiceException |
JAVADOC.MAJDT-4 |
|
6:
|
The immutable class not declared 'final' |
SECURITY.WSC.FIMU-4 |
|
6:
|
Class 'com.parasoft.parabank.service.ParaBankServiceException' should be declared "final" |
GLOBAL.SPPC-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
"public" class without an '@invariant' contract: ParaBankServiceException |
DBC.PUBC-3 |
|
6:
|
Missing '@version' Javadoc tag: ParaBankServiceException |
JAVADOC.MVJDT-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
23:
|
No JUnit test method defined for 'ParaBankServiceException()' |
JUNIT.TEST-2 |
|
23:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
23:
|
Missing Javadoc tag '@since' for method 'ParaBankServiceException()' |
JAVADOC.ECTM-3 |
|
23:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
23:
|
"public" method without a '@post' contract: ParaBankServiceException () |
DBC.PUBMPOST-3 |
|
23:
|
"public" method without a '@pre' contract: ParaBankServiceException |
DBC.PUBMPRE-3 |
|
35:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
37:
|
No JUnit test method defined for 'ParaBankServiceException()' |
JUNIT.TEST-2 |
|
37:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
37:
|
Missing Javadoc tag '@since' for method 'ParaBankServiceException()' |
JAVADOC.ECTM-3 |
|
37:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
37:
|
"public" method without a '@post' contract: ParaBankServiceException () |
DBC.PUBMPOST-3 |
|
37:
|
"public" method without a '@pre' contract: ParaBankServiceException |
DBC.PUBMPRE-3 |
|
49:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
50:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
52:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
52:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
52:
|
No JUnit test method defined for 'ParaBankServiceException()' |
JUNIT.TEST-2 |
|
52:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
52:
|
Missing Javadoc tag '@since' for method 'ParaBankServiceException()' |
JAVADOC.ECTM-3 |
|
52:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
52:
|
"public" method without a '@post' contract: ParaBankServiceException () |
DBC.PUBMPOST-3 |
|
52:
|
"public" method without a '@pre' contract: ParaBankServiceException |
DBC.PUBMPRE-3 |
|
64:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
65:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
66:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
67:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
69:
|
Line is longer than 80 characters: 116 |
APSC_DV.003215.LL-3 |
|
69:
|
Line is longer than 80 characters: 116 |
FORMAT.LL-3 |
|
69:
|
No JUnit test method defined for 'ParaBankServiceException()' |
JUNIT.TEST-2 |
|
69:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
69:
|
Missing Javadoc tag '@since' for method 'ParaBankServiceException()' |
JAVADOC.ECTM-3 |
|
69:
|
The constructor 'ParaBankServiceException' is more accessible than the constructor in its superclass |
SECURITY.WSC.AMA-3 |
|
69:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
69:
|
"public" method without a '@post' contract: ParaBankServiceException () |
DBC.PUBMPOST-3 |
|
69:
|
"public" method without a '@pre' contract: ParaBankServiceException |
DBC.PUBMPRE-3 |
|
69:
|
Variable 'aEnableSuppression' does not end with 'boolean' |
NAMING.UHN-4 |
|
70:
|
Indentation should be 8 (or 16) spaces |
APSC_DV.003215.IND-3 |
|
70:
|
Indentation should be 8 (or 16) spaces |
FORMAT.IND-3 |
|
70:
|
Variable 'aWritableStackTrace' does not end with 'boolean' |
NAMING.UHN-4 |
|
82:
|
This '@param' tag does not contain a meaningful description of the parameter |
JAVADOC.MDJT-3 |
|
84:
|
No JUnit test method defined for 'ParaBankServiceException()' |
JUNIT.TEST-2 |
|
84:
|
'public' constructor declared |
CODSTA.BP.CMUTA-3 |
|
84:
|
Missing Javadoc tag '@since' for method 'ParaBankServiceException()' |
JAVADOC.ECTM-3 |
|
84:
|
Flag not present |
SECURITY.WSC.INIVF-4 |
|
84:
|
"public" method without a '@post' contract: ParaBankServiceException () |
DBC.PUBMPOST-3 |
|
84:
|
"public" method without a '@pre' contract: ParaBankServiceException |
DBC.PUBMPRE-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/util/Constants.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
3:
|
Interface 'Constants' contains only fields |
CODSTA.POD.ACIAP-3 |
|
3:
|
Missing Javadoc comment for 'Constants' |
JAVADOC.PJDC-3 |
|
3:
|
Constant declared in an "interface": 'Constants' |
CODSTA.POD.ISACF-4 |
|
3:
|
Globally unused "public" interface: com.parasoft.parabank.util.Constants |
GLOBAL.UPPC-4 |
|
3:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
3:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
3:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
3:
|
'Constants' contains too many fields: 41 |
METRICS.NOFT-4 |
|
3:
|
Constants contains too many "public" fields: 41 |
METRICS.NPUBF-2 |
|
3:
|
Number of Javadoc comments are below thresholds (%): 0.0 |
METRICS.PJDC-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
4:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
4:
|
Missing Javadoc comment for 'ABOUT' |
JAVADOC.PJDF-3 |
|
4:
|
Non internationalized string: "about" |
INTER.ITT-3 |
|
6:
|
Missing Javadoc comment for 'ACTIVITY' |
JAVADOC.PJDF-3 |
|
6:
|
Non internationalized string: "activity" |
INTER.ITT-3 |
|
8:
|
Missing Javadoc comment for 'ADMIN' |
JAVADOC.PJDF-3 |
|
8:
|
Non internationalized string: "admin" |
INTER.ITT-3 |
|
8:
|
Misspelled word 'admin' |
JAVADOC.SPELL-3 |
|
10:
|
Missing Javadoc comment for 'ADMINFORM' |
JAVADOC.PJDF-3 |
|
10:
|
Non internationalized string: "adminForm" |
INTER.ITT-3 |
|
10:
|
Misspelled word 'admin' |
JAVADOC.SPELL-3 |
|
12:
|
Missing Javadoc comment for 'BILLPAY' |
JAVADOC.PJDF-3 |
|
12:
|
Non internationalized string: "billpay" |
INTER.ITT-3 |
|
12:
|
Misspelled word 'billpay' |
JAVADOC.SPELL-3 |
|
14:
|
Missing Javadoc comment for 'BILLPAYFORM' |
JAVADOC.PJDF-3 |
|
14:
|
Non internationalized string: "billPayForm" |
INTER.ITT-3 |
|
16:
|
Missing Javadoc comment for 'CLASS_ADMINFORM' |
JAVADOC.PJDF-3 |
|
16:
|
Non internationalized string: "com.parasoft.parabank.web.form.AdminForm" |
INTER.ITT-3 |
|
18:
|
Missing Javadoc comment for 'CLASS_CONTACTFORM' |
JAVADOC.PJDF-3 |
|
18:
|
Non internationalized string: "com.parasoft.parabank.web.form.ContactForm" |
INTER.ITT-3 |
|
20:
|
Missing Javadoc comment for 'CLASS_CUSTOMERFORM' |
JAVADOC.PJDF-3 |
|
20:
|
Non internationalized string: "com.parasoft.parabank.web.form.CustomerForm" |
INTER.ITT-3 |
|
22:
|
Line is longer than 80 characters: 92 |
APSC_DV.003215.LL-3 |
|
22:
|
Line is longer than 80 characters: 92 |
FORMAT.LL-3 |
|
22:
|
Missing Javadoc comment for 'CLASS_FINDTRANSACTIONFORM' |
JAVADOC.PJDF-3 |
|
22:
|
Non internationalized string: "com.parasoft.parabank.web.form.FindTransactionForm" |
INTER.ITT-3 |
|
24:
|
Missing Javadoc comment for 'CLASS_LOOKUPFORM' |
JAVADOC.PJDF-3 |
|
24:
|
Non internationalized string: "com.parasoft.parabank.web.form.LookupForm" |
INTER.ITT-3 |
|
26:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
26:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
26:
|
Missing Javadoc comment for 'CLASS_OPENACCOUNTFORM' |
JAVADOC.PJDF-3 |
|
26:
|
Non internationalized string: "com.parasoft.parabank.web.form.OpenAccountForm" |
INTER.ITT-3 |
|
28:
|
Line is longer than 80 characters: 84 |
APSC_DV.003215.LL-3 |
|
28:
|
Line is longer than 80 characters: 84 |
FORMAT.LL-3 |
|
28:
|
Missing Javadoc comment for 'CLASS_REQUESTLOANFORM' |
JAVADOC.PJDF-3 |
|
28:
|
Non internationalized string: "com.parasoft.parabank.web.form.RequestLoanForm" |
INTER.ITT-3 |
|
30:
|
Line is longer than 80 characters: 90 |
APSC_DV.003215.LL-3 |
|
30:
|
Line is longer than 80 characters: 90 |
FORMAT.LL-3 |
|
30:
|
Missing Javadoc comment for 'CLASS_TRANSACTIONCRITERIA' |
JAVADOC.PJDF-3 |
|
30:
|
Non internationalized string: "com.parasoft.parabank.domain.TransactionCriteria" |
INTER.ITT-3 |
|
32:
|
Missing Javadoc comment for 'CLASS_TRANSFERFORM' |
JAVADOC.PJDF-3 |
|
32:
|
Non internationalized string: "com.parasoft.parabank.web.form.TransferForm" |
INTER.ITT-3 |
|
34:
|
Missing Javadoc comment for 'CONTACT' |
JAVADOC.PJDF-3 |
|
34:
|
Non internationalized string: "contact" |
INTER.ITT-3 |
|
36:
|
Missing Javadoc comment for 'CONTACTFORM' |
JAVADOC.PJDF-3 |
|
36:
|
Non internationalized string: "contactForm" |
INTER.ITT-3 |
|
38:
|
Missing Javadoc comment for 'CUSTOMERFORM' |
JAVADOC.PJDF-3 |
|
38:
|
Non internationalized string: "customerForm" |
INTER.ITT-3 |
|
40:
|
Missing Javadoc comment for 'CUSTOMERFORMUPDATE' |
JAVADOC.PJDF-3 |
|
40:
|
Non internationalized string: "customerFormUpdate" |
INTER.ITT-3 |
|
42:
|
Missing Javadoc comment for 'FINDTRANS' |
JAVADOC.PJDF-3 |
|
42:
|
Non internationalized string: "findtrans" |
INTER.ITT-3 |
|
42:
|
Misspelled word 'findtrans' |
JAVADOC.SPELL-3 |
|
44:
|
Missing Javadoc comment for 'FINDTRANSACTIONFORM' |
JAVADOC.PJDF-3 |
|
44:
|
Non internationalized string: "findTransactionForm" |
INTER.ITT-3 |
|
46:
|
Missing Javadoc comment for 'INDEX' |
JAVADOC.PJDF-3 |
|
46:
|
Non internationalized string: "index" |
INTER.ITT-3 |
|
48:
|
Missing Javadoc comment for 'LOGINFORM' |
JAVADOC.PJDF-3 |
|
48:
|
Non internationalized string: "loginform" |
INTER.ITT-3 |
|
48:
|
Misspelled word 'loginform' |
JAVADOC.SPELL-3 |
|
50:
|
Missing Javadoc comment for 'LOOKUP' |
JAVADOC.PJDF-3 |
|
50:
|
Non internationalized string: "lookup" |
INTER.ITT-3 |
|
52:
|
Missing Javadoc comment for 'LOOKUPFORM' |
JAVADOC.PJDF-3 |
|
52:
|
Non internationalized string: "lookupForm" |
INTER.ITT-3 |
|
54:
|
Missing Javadoc comment for 'NEWS' |
JAVADOC.PJDF-3 |
|
54:
|
Non internationalized string: "news" |
INTER.ITT-3 |
|
56:
|
Missing Javadoc comment for 'OPENACCOUNT' |
JAVADOC.PJDF-3 |
|
56:
|
Non internationalized string: "openaccount" |
INTER.ITT-3 |
|
56:
|
Misspelled word 'openaccount' |
JAVADOC.SPELL-3 |
|
58:
|
Missing Javadoc comment for 'OPENACCOUNTFORM' |
JAVADOC.PJDF-3 |
|
58:
|
Non internationalized string: "openAccountForm" |
INTER.ITT-3 |
|
60:
|
Missing Javadoc comment for 'REGISTER' |
JAVADOC.PJDF-3 |
|
60:
|
Non internationalized string: "register" |
INTER.ITT-3 |
|
62:
|
Missing Javadoc comment for 'REQUESTLOAN' |
JAVADOC.PJDF-3 |
|
62:
|
Non internationalized string: "requestloan" |
INTER.ITT-3 |
|
62:
|
Misspelled word 'requestloan' |
JAVADOC.SPELL-3 |
|
64:
|
Missing Javadoc comment for 'REQUESTLOANFORM' |
JAVADOC.PJDF-3 |
|
64:
|
Non internationalized string: "requestLoanForm" |
INTER.ITT-3 |
|
66:
|
Missing Javadoc comment for 'SERVICES' |
JAVADOC.PJDF-3 |
|
66:
|
Non internationalized string: "services" |
INTER.ITT-3 |
|
68:
|
Missing Javadoc comment for 'SITEMAP' |
JAVADOC.PJDF-3 |
|
68:
|
Non internationalized string: "sitemap" |
INTER.ITT-3 |
|
68:
|
Misspelled word 'sitemap' |
JAVADOC.SPELL-3 |
|
70:
|
Missing Javadoc comment for 'TRANSACTION' |
JAVADOC.PJDF-3 |
|
70:
|
Non internationalized string: "transaction" |
INTER.ITT-3 |
|
72:
|
Missing Javadoc comment for 'TRANSACTIONCRITERIA' |
JAVADOC.PJDF-3 |
|
72:
|
Non internationalized string: "transactionCriteria" |
INTER.ITT-3 |
|
74:
|
Missing Javadoc comment for 'TRANSFER' |
JAVADOC.PJDF-3 |
|
74:
|
Non internationalized string: "transfer" |
INTER.ITT-3 |
|
76:
|
Missing Javadoc comment for 'TRANSFERFORM' |
JAVADOC.PJDF-3 |
|
76:
|
Non internationalized string: "transferForm" |
INTER.ITT-3 |
|
78:
|
Missing Javadoc comment for 'UPDATEPROFILE' |
JAVADOC.PJDF-3 |
|
78:
|
Non internationalized string: "updateprofile" |
INTER.ITT-3 |
|
78:
|
Misspelled word 'updateprofile' |
JAVADOC.SPELL-3 |
|
80:
|
Missing Javadoc comment for 'USERSESSION' |
JAVADOC.PJDF-3 |
|
80:
|
Non internationalized string: "userSession" |
INTER.ITT-3 |
|
82:
|
Missing Javadoc comment for 'DB_PATH_FMT' |
JAVADOC.PJDF-3 |
|
82:
|
Non internationalized string: "%1$s/WEB-INF/db/%2$s" |
INTER.ITT-3 |
|
84:
|
Missing Javadoc comment for 'RAML_PATH_FMT' |
JAVADOC.PJDF-3 |
|
84:
|
Non internationalized string: "%1$s/raml/%2$s" |
INTER.ITT-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/UserSession.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getCustomer() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'UserSession' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.UserSession |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: UserSession |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: UserSession |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: UserSession |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: UserSession |
JAVADOC.MVJDT-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
No JUnit test method defined for 'UserSession()' |
JUNIT.TEST-2 |
|
11:
|
Missing Javadoc comment for method 'UserSession()' |
JAVADOC.PJDM-3 |
|
11:
|
Globally unused "public" constructor UserSession() |
GLOBAL.UPPM-4 |
|
11:
|
Formal parameter 'customer' is not declared as final |
CODSTA.BP.FPF-3 |
|
11:
|
The parameter 'customer' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
11:
|
Parameter 'customer' has the same name as a field |
OOP.HMF-3 |
|
15:
|
No JUnit test method defined for 'getCustomer()' |
JUNIT.TEST-2 |
|
15:
|
The method 'getCustomer' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
15:
|
Missing Javadoc comment for method 'getCustomer()' |
JAVADOC.PJDM-3 |
|
15:
|
Globally unused "public" method: getCustomer() |
GLOBAL.UPPM-4 |
|
15:
|
Getter method 'getCustomer()' is not declared "final" |
OPT.MAF-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/AdminForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
4:
|
"import java.util.HashMap" not separated by 1 blank line from previous "import" from a different package |
APSC_DV.003215.BLSIM-3 |
|
4:
|
"import java.util.HashMap" not separated by 1 blank line from previous "import" from a different package |
FORMAT.BLSIM-3 |
|
7:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.logic.AdminParameters |
CODSTA.ORG.ORIMP-5 |
|
9:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
9:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
9:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
Misspelled word 'admin' |
JAVADOC.SPELL-3 |
|
12:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
12:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
12:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
12:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
12:
|
getter method without an @invariant contract: getAccessMode() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getEndpoint() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getInitialBalance() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getLoanProcessor() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getLoanProcessorThreshold() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getLoanProvider() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getMinimumBalance() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getRestEndpoint() |
DBC.IGM-3 |
|
12:
|
getter method without an @invariant contract: getSoapEndpoint() |
DBC.IGM-3 |
|
12:
|
Missing Javadoc tag '@since' for class 'AdminForm' |
JAVADOC.ECTT-3 |
|
12:
|
Public clone method missing |
OOP.MUCOP-3 |
|
12:
|
Static creation method missing |
OOP.MUCOP-3 |
|
12:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
12:
|
Globally unused "public" class: com.parasoft.parabank.web.form.AdminForm |
GLOBAL.UPPC-4 |
|
12:
|
Missing '@author' Javadoc tag: AdminForm |
JAVADOC.MAJDT-4 |
|
12:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
12:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
12:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
12:
|
"class" missing a no argument constructor: AdminForm |
CODSTA.POD.DCTOR-5 |
|
12:
|
"public" class without an '@invariant' contract: AdminForm |
DBC.PUBC-3 |
|
12:
|
Missing '@version' Javadoc tag: AdminForm |
JAVADOC.MVJDT-3 |
|
12:
|
AdminForm contains too many "public" methods: 20 |
METRICS.NPUBM-2 |
|
12:
|
Number of Javadoc comments are below thresholds (%): 4.0 |
METRICS.PJDC-3 |
|
12:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
14:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Field 'endpoint' is not initialized in its declaration |
INIT.CSI-4 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
15:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
15:
|
Field 'soapEndpoint' is not initialized in its declaration |
INIT.CSI-4 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
16:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
16:
|
Field 'restEndpoint' is not initialized in its declaration |
INIT.CSI-4 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
17:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
17:
|
Field 'initialBalance' is not initialized in its declaration |
INIT.CSI-4 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
18:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
18:
|
Field 'minimumBalance' is not initialized in its declaration |
INIT.CSI-4 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
19:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
19:
|
Field 'loanProvider' is not initialized in its declaration |
INIT.CSI-4 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
20:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
20:
|
Field 'loanProcessor' is not initialized in its declaration |
INIT.CSI-4 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
21:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
21:
|
Field 'loanProcessorThreshold' is not initialized in its declaration |
INIT.CSI-4 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
22:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
22:
|
Field 'accessMode' is not initialized in its declaration |
INIT.CSI-4 |
|
24:
|
No JUnit test method defined for 'getAccessMode()' |
JUNIT.TEST-2 |
|
24:
|
The method 'getAccessMode' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Globally unused "public" method: getAccessMode() |
GLOBAL.UPPM-4 |
|
24:
|
Getter method 'getAccessMode()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Getter method 'getEndpoint()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'getEndpoint()' |
JUNIT.TEST-2 |
|
28:
|
The method 'getEndpoint' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
28:
|
Globally unused "public" method: getEndpoint() |
GLOBAL.UPPM-4 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
34:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
34:
|
No JUnit test method defined for 'getInitialBalance()' |
JUNIT.TEST-2 |
|
34:
|
The method 'getInitialBalance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
34:
|
Globally unused "public" method: getInitialBalance() |
GLOBAL.UPPM-4 |
|
34:
|
Getter method 'getInitialBalance()' is not declared "final" |
OPT.MAF-5 |
|
38:
|
Getter method 'getLoanProcessor()' is not declared "final" |
OPT.MAF-5 |
|
38:
|
No JUnit test method defined for 'getLoanProcessor()' |
JUNIT.TEST-2 |
|
38:
|
The method 'getLoanProcessor' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
38:
|
Globally unused "public" method: getLoanProcessor() |
GLOBAL.UPPM-4 |
|
42:
|
No JUnit test method defined for 'getLoanProcessorThreshold()' |
JUNIT.TEST-2 |
|
42:
|
The method 'getLoanProcessorThreshold' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
42:
|
Globally unused "public" method: getLoanProcessorThreshold() |
GLOBAL.UPPM-4 |
|
42:
|
Getter method 'getLoanProcessorThreshold()' is not declared "final" |
OPT.MAF-5 |
|
46:
|
Getter method 'getLoanProvider()' is not declared "final" |
OPT.MAF-5 |
|
46:
|
No JUnit test method defined for 'getLoanProvider()' |
JUNIT.TEST-2 |
|
46:
|
The method 'getLoanProvider' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
46:
|
Globally unused "public" method: getLoanProvider() |
GLOBAL.UPPM-4 |
|
50:
|
No JUnit test method defined for 'getMinimumBalance()' |
JUNIT.TEST-2 |
|
50:
|
The method 'getMinimumBalance' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
50:
|
Globally unused "public" method: getMinimumBalance() |
GLOBAL.UPPM-4 |
|
50:
|
Getter method 'getMinimumBalance()' is not declared "final" |
OPT.MAF-5 |
|
54:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
54:
|
No JUnit test method defined for 'getParameters()' |
JUNIT.TEST-2 |
|
54:
|
The method 'getParameters' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
54:
|
Missing Javadoc comment for method 'getParameters()' |
JAVADOC.PJDM-3 |
|
54:
|
Globally unused "public" method: getParameters() |
GLOBAL.UPPM-4 |
|
55:
|
Anonymous class: 'HashMap' |
CODSTA.READ.AIC-3 |
|
55:
|
Initial container capacity is not specified |
OPT.DIC-3 |
|
55:
|
Class extends 'HashMap', which implements 'Map' |
PB.API.ECMC-5 |
|
55:
|
Class extends 'HashMap' |
PB.API.EHM-3 |
|
55:
|
Non-static initializer is used |
CODSTA.READ.NSI-3 |
|
56:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
56:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
57:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
57:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
57:
|
Comma not followed by 1 space |
APSC_DV.003215.SAC-3 |
|
57:
|
Comma not followed by 1 space |
FORMAT.SAC-3 |
|
58:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
58:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
59:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
59:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
60:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
60:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
60:
|
Called 'toString()' on a numeric object |
INTER.NTS-4 |
|
61:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
61:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
61:
|
Called 'toString()' on a numeric object |
INTER.NTS-4 |
|
62:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
62:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
63:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
63:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
64:
|
Line is longer than 80 characters: 93 |
APSC_DV.003215.LL-3 |
|
64:
|
Line is longer than 80 characters: 93 |
FORMAT.LL-3 |
|
64:
|
Indentation should be 16 (or 24) spaces |
APSC_DV.003215.IND-3 |
|
64:
|
Indentation should be 16 (or 24) spaces |
FORMAT.IND-3 |
|
64:
|
Called 'toString()' on a numeric object |
INTER.NTS-4 |
|
68:
|
No JUnit test method defined for 'getRestEndpoint()' |
JUNIT.TEST-2 |
|
68:
|
The method 'getRestEndpoint' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
68:
|
Globally unused "public" method: getRestEndpoint() |
GLOBAL.UPPM-4 |
|
68:
|
Getter method 'getRestEndpoint()' is not declared "final" |
OPT.MAF-5 |
|
72:
|
Getter method 'getSoapEndpoint()' is not declared "final" |
OPT.MAF-5 |
|
72:
|
No JUnit test method defined for 'getSoapEndpoint()' |
JUNIT.TEST-2 |
|
72:
|
The method 'getSoapEndpoint' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
72:
|
Globally unused "public" method: getSoapEndpoint() |
GLOBAL.UPPM-4 |
|
76:
|
No JUnit test method defined for 'setAccessMode()' |
JUNIT.TEST-2 |
|
76:
|
Globally unused "public" method: setAccessMode() |
GLOBAL.UPPM-4 |
|
76:
|
Setter method 'setAccessMode()' is not declared "final" |
OPT.MAF-5 |
|
80:
|
Setter method 'setEndpoint()' is not declared "final" |
OPT.MAF-5 |
|
80:
|
No JUnit test method defined for 'setEndpoint()' |
JUNIT.TEST-2 |
|
80:
|
Globally unused "public" method: setEndpoint() |
GLOBAL.UPPM-4 |
|
80:
|
The parameter 'endpoint' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
80:
|
Parameter 'endpoint' has the same name as a field |
OOP.HMF-3 |
|
84:
|
No JUnit test method defined for 'setInitialBalance()' |
JUNIT.TEST-2 |
|
84:
|
Globally unused "public" method: setInitialBalance() |
GLOBAL.UPPM-4 |
|
84:
|
Setter method 'setInitialBalance()' is not declared "final" |
OPT.MAF-5 |
|
84:
|
The parameter 'initialBalance' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
84:
|
Parameter 'initialBalance' has the same name as a field |
OOP.HMF-3 |
|
88:
|
No JUnit test method defined for 'setLoanProcessor()' |
JUNIT.TEST-2 |
|
88:
|
Globally unused "public" method: setLoanProcessor() |
GLOBAL.UPPM-4 |
|
88:
|
Setter method 'setLoanProcessor()' is not declared "final" |
OPT.MAF-5 |
|
88:
|
The parameter 'loanProcessor' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
88:
|
Parameter 'loanProcessor' has the same name as a field |
OOP.HMF-3 |
|
92:
|
Line is longer than 80 characters: 81 |
APSC_DV.003215.LL-3 |
|
92:
|
Line is longer than 80 characters: 81 |
FORMAT.LL-3 |
|
92:
|
No JUnit test method defined for 'setLoanProcessorThreshold()' |
JUNIT.TEST-2 |
|
92:
|
Globally unused "public" method: setLoanProcessorThreshold() |
GLOBAL.UPPM-4 |
|
92:
|
Setter method 'setLoanProcessorThreshold()' is not declared "final" |
OPT.MAF-5 |
|
92:
|
The parameter 'loanProcessorThreshold' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
92:
|
Parameter 'loanProcessorThreshold' has the same name as a field |
OOP.HMF-3 |
|
96:
|
No JUnit test method defined for 'setLoanProvider()' |
JUNIT.TEST-2 |
|
96:
|
Globally unused "public" method: setLoanProvider() |
GLOBAL.UPPM-4 |
|
96:
|
Setter method 'setLoanProvider()' is not declared "final" |
OPT.MAF-5 |
|
96:
|
The parameter 'loanProvider' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
96:
|
Parameter 'loanProvider' has the same name as a field |
OOP.HMF-3 |
|
100:
|
No JUnit test method defined for 'setMinimumBalance()' |
JUNIT.TEST-2 |
|
100:
|
Globally unused "public" method: setMinimumBalance() |
GLOBAL.UPPM-4 |
|
100:
|
Setter method 'setMinimumBalance()' is not declared "final" |
OPT.MAF-5 |
|
100:
|
The parameter 'minimumBalance' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
100:
|
Parameter 'minimumBalance' has the same name as a field |
OOP.HMF-3 |
|
104:
|
No JUnit test method defined for 'setParameters()' |
JUNIT.TEST-2 |
|
104:
|
Missing Javadoc comment for method 'setParameters()' |
JAVADOC.PJDM-3 |
|
104:
|
Globally unused "public" method: setParameters() |
GLOBAL.UPPM-4 |
|
104:
|
interface type 'Map' is used |
MOBILE.AUI-3 |
|
109:
|
Variable 'varString' is not declared at the beginning of the block |
CODSTA.READ.PDBB-4 |
|
109:
|
The declaration of the local variable 'varString' is not followed by a comment |
CODSTA.READ.CLV-5 |
|
110:
|
Line is longer than 80 characters: 105 |
APSC_DV.003215.LL-3 |
|
110:
|
Line is longer than 80 characters: 105 |
FORMAT.LL-3 |
|
110:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
110:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
110:
|
The String literal "515.55" is used |
SECURITY.WSC.SL-3 |
|
112:
|
Line is longer than 80 characters: 105 |
APSC_DV.003215.LL-3 |
|
112:
|
Line is longer than 80 characters: 105 |
FORMAT.LL-3 |
|
112:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
112:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
112:
|
The String literal "100.00" is used |
SECURITY.WSC.SL-3 |
|
115:
|
There is not 1 space after 'varString' |
APSC_DV.003215.SAOP-3 |
|
115:
|
There is not 1 space after 'varString' |
FORMAT.SAOP-3 |
|
115:
|
There is not 1 space after '=' |
APSC_DV.003215.SAOP-3 |
|
115:
|
There is not 1 space after '=' |
FORMAT.SAOP-3 |
|
116:
|
Line is longer than 80 characters: 111 |
APSC_DV.003215.LL-3 |
|
116:
|
Line is longer than 80 characters: 111 |
FORMAT.LL-3 |
|
116:
|
The primitive type 'int' will require automatic boxing here |
CODSTA.READ.ABUB-4 |
|
116:
|
The method 'parseInt()' may throw a "NumberFormatException" that is neither caught nor declared to be thrown |
EXCEPT.NFE-3 |
|
116:
|
Called the 'parseInt()' method of class 'Integer' |
INTER.PN-4 |
|
116:
|
Missing '()' to separate complex expression |
APSC_DV.003215.APAREN-3 |
|
116:
|
Missing '()' to separate complex expression |
FORMAT.APAREN-3 |
|
116:
|
The String literal "20" is used |
SECURITY.WSC.SL-3 |
|
119:
|
Setter method 'setRestEndpoint()' is not declared "final" |
OPT.MAF-5 |
|
119:
|
No JUnit test method defined for 'setRestEndpoint()' |
JUNIT.TEST-2 |
|
119:
|
Globally unused "public" method: setRestEndpoint() |
GLOBAL.UPPM-4 |
|
123:
|
No JUnit test method defined for 'setSoapEndpoint()' |
JUNIT.TEST-2 |
|
123:
|
Globally unused "public" method: setSoapEndpoint() |
GLOBAL.UPPM-4 |
|
123:
|
Setter method 'setSoapEndpoint()' is not declared "final" |
OPT.MAF-5 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/BillPayForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
"import" not presented in alphabetical order: com.parasoft.parabank.domain.Payee |
CODSTA.ORG.ORIMP-5 |
|
7:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
7:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
7:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
10:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
10:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
10:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
10:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
10:
|
getter method without an @invariant contract: getPayee() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getVerifyAccount() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getAmount() |
DBC.IGM-3 |
|
10:
|
getter method without an @invariant contract: getFromAccountId() |
DBC.IGM-3 |
|
10:
|
Missing Javadoc tag '@since' for class 'BillPayForm' |
JAVADOC.ECTT-3 |
|
10:
|
Public clone method missing |
OOP.MUCOP-3 |
|
10:
|
Static creation method missing |
OOP.MUCOP-3 |
|
10:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
10:
|
Globally unused "public" class: com.parasoft.parabank.web.form.BillPayForm |
GLOBAL.UPPC-4 |
|
10:
|
Missing '@author' Javadoc tag: BillPayForm |
JAVADOC.MAJDT-4 |
|
10:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
10:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
10:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
10:
|
"class" missing a no argument constructor: BillPayForm |
CODSTA.POD.DCTOR-5 |
|
10:
|
"public" class without an '@invariant' contract: BillPayForm |
DBC.PUBC-3 |
|
10:
|
Missing '@version' Javadoc tag: BillPayForm |
JAVADOC.MVJDT-3 |
|
10:
|
Number of Javadoc comments are below thresholds (%): 8.0 |
METRICS.PJDC-3 |
|
10:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
11:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Field 'payee' is not initialized in its declaration |
INIT.CSI-4 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Field 'verifyAccount' is not initialized in its declaration |
INIT.CSI-4 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
13:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
Field 'amount' is not initialized in its declaration |
INIT.CSI-4 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
14:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
14:
|
Field 'fromAccountId' is not initialized in its declaration |
INIT.CSI-4 |
|
14:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
16:
|
No JUnit test method defined for 'getPayee()' |
JUNIT.TEST-2 |
|
16:
|
The method 'getPayee' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
16:
|
Globally unused "public" method: getPayee() |
GLOBAL.UPPM-4 |
|
16:
|
Getter method 'getPayee()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
Setter method 'setPayee()' is not declared "final" |
OPT.MAF-5 |
|
20:
|
No JUnit test method defined for 'setPayee()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: setPayee() |
GLOBAL.UPPM-4 |
|
20:
|
Formal parameter 'payee' is not declared as final |
CODSTA.BP.FPF-3 |
|
20:
|
The parameter 'payee' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
20:
|
Parameter 'payee' has the same name as a field |
OOP.HMF-3 |
|
24:
|
No JUnit test method defined for 'getVerifyAccount()' |
JUNIT.TEST-2 |
|
24:
|
The method 'getVerifyAccount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
24:
|
Globally unused "public" method: getVerifyAccount() |
GLOBAL.UPPM-4 |
|
24:
|
Getter method 'getVerifyAccount()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
Setter method 'setVerifyAccount()' is not declared "final" |
OPT.MAF-5 |
|
28:
|
No JUnit test method defined for 'setVerifyAccount()' |
JUNIT.TEST-2 |
|
28:
|
Globally unused "public" method: setVerifyAccount() |
GLOBAL.UPPM-4 |
|
28:
|
Formal parameter 'verifyAccount' is not declared as final |
CODSTA.BP.FPF-3 |
|
28:
|
The parameter 'verifyAccount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
28:
|
Parameter 'verifyAccount' has the same name as a field |
OOP.HMF-3 |
|
32:
|
No JUnit test method defined for 'getAmount()' |
JUNIT.TEST-2 |
|
32:
|
The method 'getAmount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
32:
|
Globally unused "public" method: getAmount() |
GLOBAL.UPPM-4 |
|
32:
|
Getter method 'getAmount()' is not declared "final" |
OPT.MAF-5 |
|
36:
|
Setter method 'setAmount()' is not declared "final" |
OPT.MAF-5 |
|
36:
|
No JUnit test method defined for 'setAmount()' |
JUNIT.TEST-2 |
|
36:
|
Globally unused "public" method: setAmount() |
GLOBAL.UPPM-4 |
|
36:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
36:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
36:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
40:
|
No JUnit test method defined for 'getFromAccountId()' |
JUNIT.TEST-2 |
|
40:
|
Globally unused "public" method: getFromAccountId() |
GLOBAL.UPPM-4 |
|
40:
|
Getter method 'getFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
44:
|
Setter method 'setFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
44:
|
No JUnit test method defined for 'setFromAccountId()' |
JUNIT.TEST-2 |
|
44:
|
Globally unused "public" method: setFromAccountId() |
GLOBAL.UPPM-4 |
|
44:
|
Formal parameter 'fromAccountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
44:
|
The parameter 'fromAccountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
44:
|
Parameter 'fromAccountId' has the same name as a field |
OOP.HMF-3 |
|
44:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/ContactForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
3:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
3:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
3:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
6:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
6:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
6:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
6:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
6:
|
getter method without an @invariant contract: getName() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getEmail() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getPhone() |
DBC.IGM-3 |
|
6:
|
getter method without an @invariant contract: getMessage() |
DBC.IGM-3 |
|
6:
|
Missing Javadoc tag '@since' for class 'ContactForm' |
JAVADOC.ECTT-3 |
|
6:
|
Public clone method missing |
OOP.MUCOP-3 |
|
6:
|
Static creation method missing |
OOP.MUCOP-3 |
|
6:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
6:
|
Globally unused "public" class: com.parasoft.parabank.web.form.ContactForm |
GLOBAL.UPPC-4 |
|
6:
|
Missing '@author' Javadoc tag: ContactForm |
JAVADOC.MAJDT-4 |
|
6:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
6:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
6:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
6:
|
"class" missing a no argument constructor: ContactForm |
CODSTA.POD.DCTOR-5 |
|
6:
|
"public" class without an '@invariant' contract: ContactForm |
DBC.PUBC-3 |
|
6:
|
Missing '@version' Javadoc tag: ContactForm |
JAVADOC.MVJDT-3 |
|
6:
|
Number of Javadoc comments are below thresholds (%): 8.0 |
METRICS.PJDC-3 |
|
6:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
7:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
7:
|
Field 'name' is not initialized in its declaration |
INIT.CSI-4 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
8:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
8:
|
Field 'email' is not initialized in its declaration |
INIT.CSI-4 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'phone' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'message' is not initialized in its declaration |
INIT.CSI-4 |
|
12:
|
No JUnit test method defined for 'getName()' |
JUNIT.TEST-2 |
|
12:
|
The method 'getName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
12:
|
Globally unused "public" method: getName() |
GLOBAL.UPPM-4 |
|
12:
|
Getter method 'getName()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
Setter method 'setName()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
No JUnit test method defined for 'setName()' |
JUNIT.TEST-2 |
|
16:
|
Globally unused "public" method: setName() |
GLOBAL.UPPM-4 |
|
16:
|
Formal parameter 'name' is not declared as final |
CODSTA.BP.FPF-3 |
|
16:
|
The parameter 'name' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
16:
|
Parameter 'name' has the same name as a field |
OOP.HMF-3 |
|
20:
|
No JUnit test method defined for 'getEmail()' |
JUNIT.TEST-2 |
|
20:
|
The method 'getEmail' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
20:
|
Globally unused "public" method: getEmail() |
GLOBAL.UPPM-4 |
|
20:
|
Getter method 'getEmail()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
Setter method 'setEmail()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
No JUnit test method defined for 'setEmail()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: setEmail() |
GLOBAL.UPPM-4 |
|
24:
|
Formal parameter 'email' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'email' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'email' has the same name as a field |
OOP.HMF-3 |
|
28:
|
No JUnit test method defined for 'getPhone()' |
JUNIT.TEST-2 |
|
28:
|
The method 'getPhone' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
28:
|
Globally unused "public" method: getPhone() |
GLOBAL.UPPM-4 |
|
28:
|
Getter method 'getPhone()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
Setter method 'setPhone()' is not declared "final" |
OPT.MAF-5 |
|
32:
|
No JUnit test method defined for 'setPhone()' |
JUNIT.TEST-2 |
|
32:
|
Globally unused "public" method: setPhone() |
GLOBAL.UPPM-4 |
|
32:
|
Formal parameter 'phone' is not declared as final |
CODSTA.BP.FPF-3 |
|
32:
|
The parameter 'phone' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
32:
|
Parameter 'phone' has the same name as a field |
OOP.HMF-3 |
|
36:
|
No JUnit test method defined for 'getMessage()' |
JUNIT.TEST-2 |
|
36:
|
The method 'getMessage' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
36:
|
Globally unused "public" method: getMessage() |
GLOBAL.UPPM-4 |
|
36:
|
Getter method 'getMessage()' is not declared "final" |
OPT.MAF-5 |
|
40:
|
Setter method 'setMessage()' is not declared "final" |
OPT.MAF-5 |
|
40:
|
No JUnit test method defined for 'setMessage()' |
JUNIT.TEST-2 |
|
40:
|
Globally unused "public" method: setMessage() |
GLOBAL.UPPM-4 |
|
40:
|
Formal parameter 'message' is not declared as final |
CODSTA.BP.FPF-3 |
|
40:
|
The parameter 'message' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
40:
|
Parameter 'message' has the same name as a field |
OOP.HMF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/CustomerForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
CustomerForm has multiple constructors and should use chain constructors |
CODSTA.POD.CHAIN-3 |
|
8:
|
getter method without an @invariant contract: getCustomer() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getRepeatedPassword() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'CustomerForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.CustomerForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: CustomerForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"public" class without an '@invariant' contract: CustomerForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: CustomerForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 13.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
13:
|
No JUnit test method defined for 'CustomerForm()' |
JUNIT.TEST-2 |
|
13:
|
Missing Javadoc comment for method 'CustomerForm()' |
JAVADOC.PJDM-3 |
|
13:
|
Globally unused "public" constructor CustomerForm() |
GLOBAL.UPPM-4 |
|
13:
|
Field 'repeatedPassword', declared on line 11, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
13:
|
Formal parameter 'customer' is not declared as final |
CODSTA.BP.FPF-3 |
|
13:
|
The parameter 'customer' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
13:
|
Parameter 'customer' has the same name as a field |
OOP.HMF-3 |
|
17:
|
No JUnit test method defined for 'CustomerForm()' |
JUNIT.TEST-2 |
|
17:
|
Missing Javadoc comment for method 'CustomerForm()' |
JAVADOC.PJDM-3 |
|
17:
|
Field 'repeatedPassword', declared on line 11, is not initialized in this constructor nor in its declaration |
INIT.CSI-4 |
|
21:
|
No JUnit test method defined for 'getCustomer()' |
JUNIT.TEST-2 |
|
21:
|
The method 'getCustomer' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
21:
|
Missing Javadoc comment for method 'getCustomer()' |
JAVADOC.PJDM-3 |
|
21:
|
Globally unused "public" method: getCustomer() |
GLOBAL.UPPM-4 |
|
21:
|
Getter method 'getCustomer()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
Getter method 'getRepeatedPassword()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
No JUnit test method defined for 'getRepeatedPassword()' |
JUNIT.TEST-2 |
|
25:
|
The method 'getRepeatedPassword' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
25:
|
Globally unused "public" method: getRepeatedPassword() |
GLOBAL.UPPM-4 |
|
29:
|
No JUnit test method defined for 'setRepeatedPassword()' |
JUNIT.TEST-2 |
|
29:
|
Globally unused "public" method: setRepeatedPassword() |
GLOBAL.UPPM-4 |
|
29:
|
Setter method 'setRepeatedPassword()' is not declared "final" |
OPT.MAF-5 |
|
29:
|
Formal parameter 'repeatedPassword' is not declared as final |
CODSTA.BP.FPF-3 |
|
29:
|
The parameter 'repeatedPassword' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
29:
|
Parameter 'repeatedPassword' has the same name as a field |
OOP.HMF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/FindTransactionForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getAccountId() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getCriteria() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'FindTransactionForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.FindTransactionForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: FindTransactionForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: FindTransactionForm |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: FindTransactionForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: FindTransactionForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 15.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'accountId' is not initialized in its declaration |
INIT.CSI-4 |
|
9:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'criteria' is not initialized in its declaration |
INIT.CSI-4 |
|
12:
|
No JUnit test method defined for 'getAccountId()' |
JUNIT.TEST-2 |
|
12:
|
Globally unused "public" method: getAccountId() |
GLOBAL.UPPM-4 |
|
12:
|
Getter method 'getAccountId()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
Setter method 'setAccountId()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
No JUnit test method defined for 'setAccountId()' |
JUNIT.TEST-2 |
|
16:
|
Globally unused "public" method: setAccountId() |
GLOBAL.UPPM-4 |
|
16:
|
Formal parameter 'accountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
16:
|
The parameter 'accountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
16:
|
Parameter 'accountId' has the same name as a field |
OOP.HMF-3 |
|
16:
|
Variable 'accountId' does not end with 'int' |
NAMING.UHN-4 |
|
20:
|
No JUnit test method defined for 'getCriteria()' |
JUNIT.TEST-2 |
|
20:
|
The method 'getCriteria' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
20:
|
Globally unused "public" method: getCriteria() |
GLOBAL.UPPM-4 |
|
20:
|
Getter method 'getCriteria()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
Setter method 'setCriteria()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
No JUnit test method defined for 'setCriteria()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: setCriteria() |
GLOBAL.UPPM-4 |
|
24:
|
Formal parameter 'criteria' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'criteria' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'criteria' has the same name as a field |
OOP.HMF-3 |
|
27:
|
File should be terminated by a newline character |
APSC_DV.003215.TNL-3 |
|
27:
|
File should be terminated by a newline character |
FORMAT.TNL-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/LookupForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getFirstName() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getLastName() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getAddress() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getSsn() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'LookupForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.LookupForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: LookupForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: LookupForm |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: LookupForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: LookupForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 8.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'firstName' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'lastName' is not initialized in its declaration |
INIT.CSI-4 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Field 'address' is not initialized in its declaration |
INIT.CSI-4 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
12:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
12:
|
Field 'ssn' is not initialized in its declaration |
INIT.CSI-4 |
|
14:
|
No JUnit test method defined for 'getFirstName()' |
JUNIT.TEST-2 |
|
14:
|
The method 'getFirstName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
14:
|
Globally unused "public" method: getFirstName() |
GLOBAL.UPPM-4 |
|
14:
|
Getter method 'getFirstName()' is not declared "final" |
OPT.MAF-5 |
|
18:
|
Setter method 'setFirstName()' is not declared "final" |
OPT.MAF-5 |
|
18:
|
No JUnit test method defined for 'setFirstName()' |
JUNIT.TEST-2 |
|
18:
|
Globally unused "public" method: setFirstName() |
GLOBAL.UPPM-4 |
|
18:
|
Formal parameter 'firstName' is not declared as final |
CODSTA.BP.FPF-3 |
|
18:
|
The parameter 'firstName' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
18:
|
Parameter 'firstName' has the same name as a field |
OOP.HMF-3 |
|
22:
|
No JUnit test method defined for 'getLastName()' |
JUNIT.TEST-2 |
|
22:
|
The method 'getLastName' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
22:
|
Globally unused "public" method: getLastName() |
GLOBAL.UPPM-4 |
|
22:
|
Getter method 'getLastName()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
Setter method 'setLastName()' is not declared "final" |
OPT.MAF-5 |
|
26:
|
No JUnit test method defined for 'setLastName()' |
JUNIT.TEST-2 |
|
26:
|
Globally unused "public" method: setLastName() |
GLOBAL.UPPM-4 |
|
26:
|
Formal parameter 'lastName' is not declared as final |
CODSTA.BP.FPF-3 |
|
26:
|
The parameter 'lastName' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
26:
|
Parameter 'lastName' has the same name as a field |
OOP.HMF-3 |
|
30:
|
No JUnit test method defined for 'getAddress()' |
JUNIT.TEST-2 |
|
30:
|
The method 'getAddress' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
30:
|
Globally unused "public" method: getAddress() |
GLOBAL.UPPM-4 |
|
30:
|
Getter method 'getAddress()' is not declared "final" |
OPT.MAF-5 |
|
34:
|
Setter method 'setAddress()' is not declared "final" |
OPT.MAF-5 |
|
34:
|
No JUnit test method defined for 'setAddress()' |
JUNIT.TEST-2 |
|
34:
|
Globally unused "public" method: setAddress() |
GLOBAL.UPPM-4 |
|
34:
|
Formal parameter 'address' is not declared as final |
CODSTA.BP.FPF-3 |
|
34:
|
The parameter 'address' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
34:
|
Parameter 'address' has the same name as a field |
OOP.HMF-3 |
|
38:
|
No JUnit test method defined for 'getSsn()' |
JUNIT.TEST-2 |
|
38:
|
The method 'getSsn' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
38:
|
Globally unused "public" method: getSsn() |
GLOBAL.UPPM-4 |
|
38:
|
Getter method 'getSsn()' is not declared "final" |
OPT.MAF-5 |
|
42:
|
Setter method 'setSsn()' is not declared "final" |
OPT.MAF-5 |
|
42:
|
No JUnit test method defined for 'setSsn()' |
JUNIT.TEST-2 |
|
42:
|
Globally unused "public" method: setSsn() |
GLOBAL.UPPM-4 |
|
42:
|
Formal parameter 'ssn' is not declared as final |
CODSTA.BP.FPF-3 |
|
42:
|
The parameter 'ssn' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
42:
|
Parameter 'ssn' has the same name as a field |
OOP.HMF-3 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/OpenAccountForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getType() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getFromAccountId() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'OpenAccountForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.OpenAccountForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: OpenAccountForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: OpenAccountForm |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: OpenAccountForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: OpenAccountForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 15.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'type' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'fromAccountId' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
12:
|
No JUnit test method defined for 'getType()' |
JUNIT.TEST-2 |
|
12:
|
The method 'getType' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
12:
|
Globally unused "public" method: getType() |
GLOBAL.UPPM-4 |
|
12:
|
Getter method 'getType()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
Setter method 'setType()' is not declared "final" |
OPT.MAF-5 |
|
16:
|
No JUnit test method defined for 'setType()' |
JUNIT.TEST-2 |
|
16:
|
Globally unused "public" method: setType() |
GLOBAL.UPPM-4 |
|
16:
|
Formal parameter 'type' is not declared as final |
CODSTA.BP.FPF-3 |
|
16:
|
The parameter 'type' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
16:
|
Parameter 'type' has the same name as a field |
OOP.HMF-3 |
|
20:
|
No JUnit test method defined for 'getFromAccountId()' |
JUNIT.TEST-2 |
|
20:
|
Globally unused "public" method: getFromAccountId() |
GLOBAL.UPPM-4 |
|
20:
|
Getter method 'getFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
Setter method 'setFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
24:
|
No JUnit test method defined for 'setFromAccountId()' |
JUNIT.TEST-2 |
|
24:
|
Globally unused "public" method: setFromAccountId() |
GLOBAL.UPPM-4 |
|
24:
|
Formal parameter 'fromAccountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
24:
|
The parameter 'fromAccountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
24:
|
Parameter 'fromAccountId' has the same name as a field |
OOP.HMF-3 |
|
24:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/RequestLoanForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getAmount() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getDownPayment() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getFromAccountId() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'RequestLoanForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.RequestLoanForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: RequestLoanForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: RequestLoanForm |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: RequestLoanForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: RequestLoanForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 10.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'amount' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'downPayment' is not initialized in its declaration |
INIT.CSI-4 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Field 'fromAccountId' is not initialized in its declaration |
INIT.CSI-4 |
|
11:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
13:
|
No JUnit test method defined for 'getAmount()' |
JUNIT.TEST-2 |
|
13:
|
The method 'getAmount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
13:
|
Globally unused "public" method: getAmount() |
GLOBAL.UPPM-4 |
|
13:
|
Getter method 'getAmount()' is not declared "final" |
OPT.MAF-5 |
|
17:
|
Setter method 'setAmount()' is not declared "final" |
OPT.MAF-5 |
|
17:
|
No JUnit test method defined for 'setAmount()' |
JUNIT.TEST-2 |
|
17:
|
Globally unused "public" method: setAmount() |
GLOBAL.UPPM-4 |
|
17:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
17:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
17:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
21:
|
No JUnit test method defined for 'getDownPayment()' |
JUNIT.TEST-2 |
|
21:
|
The method 'getDownPayment' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
21:
|
Globally unused "public" method: getDownPayment() |
GLOBAL.UPPM-4 |
|
21:
|
Getter method 'getDownPayment()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
Setter method 'setDownPayment()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
No JUnit test method defined for 'setDownPayment()' |
JUNIT.TEST-2 |
|
25:
|
Globally unused "public" method: setDownPayment() |
GLOBAL.UPPM-4 |
|
25:
|
Formal parameter 'downPayment' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The parameter 'downPayment' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
25:
|
Parameter 'downPayment' has the same name as a field |
OOP.HMF-3 |
|
29:
|
No JUnit test method defined for 'getFromAccountId()' |
JUNIT.TEST-2 |
|
29:
|
Globally unused "public" method: getFromAccountId() |
GLOBAL.UPPM-4 |
|
29:
|
Getter method 'getFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
Setter method 'setFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
No JUnit test method defined for 'setFromAccountId()' |
JUNIT.TEST-2 |
|
33:
|
Globally unused "public" method: setFromAccountId() |
GLOBAL.UPPM-4 |
|
33:
|
Formal parameter 'fromAccountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
33:
|
The parameter 'fromAccountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
33:
|
Parameter 'fromAccountId' has the same name as a field |
OOP.HMF-3 |
|
33:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
| /com.parasoft:parabank/src/main/java/com/parasoft/parabank/web/form/TransferForm.java |
|
1:
|
This source file does not include a file header comment |
FORMAT.MCH-2 |
|
1:
|
This source file does not include a file header comment |
APSC_DV.003215.MCH-3 |
|
5:
|
Use 2 blank lines before type declaration |
APSC_DV.003215.BLCD-3 |
|
5:
|
Use 2 blank lines before type declaration |
FORMAT.BLCD-3 |
|
5:
|
Javadoc comment could be refitted to a single line |
JAVADOC.SINGLE-3 |
|
8:
|
Public clone method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Static creation method missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Copy constructor missing |
CERT.OBJ05.MUCOP-1 |
|
8:
|
Public clone method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Static creation method missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
Copy constructor missing |
CERT.OBJ06.MUCOP-2 |
|
8:
|
'clone()' method is missing |
CERT.OBJ07.MCNC-2 |
|
8:
|
Public clone method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Static creation method missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
Copy constructor missing |
CERT.OBJ04.MUCOP-3 |
|
8:
|
getter method without an @invariant contract: getAmount() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getFromAccountId() |
DBC.IGM-3 |
|
8:
|
getter method without an @invariant contract: getToAccountId() |
DBC.IGM-3 |
|
8:
|
Missing Javadoc tag '@since' for class 'TransferForm' |
JAVADOC.ECTT-3 |
|
8:
|
Public clone method missing |
OOP.MUCOP-3 |
|
8:
|
Static creation method missing |
OOP.MUCOP-3 |
|
8:
|
Copy constructor missing |
OOP.MUCOP-3 |
|
8:
|
Globally unused "public" class: com.parasoft.parabank.web.form.TransferForm |
GLOBAL.UPPC-4 |
|
8:
|
Missing '@author' Javadoc tag: TransferForm |
JAVADOC.MAJDT-4 |
|
8:
|
'writeObject()' method is missing |
CWE.499.SER-5 |
|
8:
|
'clone()' method is missing |
SECURITY.WSC.MCNC-5 |
|
8:
|
'writeObject()' method is missing |
SECURITY.WSC.SER-5 |
|
8:
|
"class" missing a no argument constructor: TransferForm |
CODSTA.POD.DCTOR-5 |
|
8:
|
"public" class without an '@invariant' contract: TransferForm |
DBC.PUBC-3 |
|
8:
|
Missing '@version' Javadoc tag: TransferForm |
JAVADOC.MVJDT-3 |
|
8:
|
Number of Javadoc comments are below thresholds (%): 10.0 |
METRICS.PJDC-3 |
|
8:
|
'readObject()' method is missing |
SECURITY.WSC.DSER-5 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
9:
|
Use 1 blank line before every field declaration (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
9:
|
Field 'amount' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
10:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
10:
|
Field 'fromAccountId' is not initialized in its declaration |
INIT.CSI-4 |
|
10:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
APSC_DV.003215.U2BL-3 |
|
11:
|
Use 1 blank line before every declaration of the same kind (or corresponding Javadoc) |
FORMAT.U2BL-3 |
|
11:
|
Field 'toAccountId' is not initialized in its declaration |
INIT.CSI-4 |
|
11:
|
Variable 'toAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
13:
|
No JUnit test method defined for 'getAmount()' |
JUNIT.TEST-2 |
|
13:
|
The method 'getAmount' does not have a Javadoc comment describing whether or not the method can return null |
JAVADOC.CRN-3 |
|
13:
|
Globally unused "public" method: getAmount() |
GLOBAL.UPPM-4 |
|
13:
|
Getter method 'getAmount()' is not declared "final" |
OPT.MAF-5 |
|
17:
|
Setter method 'setAmount()' is not declared "final" |
OPT.MAF-5 |
|
17:
|
No JUnit test method defined for 'setAmount()' |
JUNIT.TEST-2 |
|
17:
|
Globally unused "public" method: setAmount() |
GLOBAL.UPPM-4 |
|
17:
|
Formal parameter 'amount' is not declared as final |
CODSTA.BP.FPF-3 |
|
17:
|
The parameter 'amount' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
17:
|
Parameter 'amount' has the same name as a field |
OOP.HMF-3 |
|
21:
|
No JUnit test method defined for 'getFromAccountId()' |
JUNIT.TEST-2 |
|
21:
|
Globally unused "public" method: getFromAccountId() |
GLOBAL.UPPM-4 |
|
21:
|
Getter method 'getFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
Setter method 'setFromAccountId()' is not declared "final" |
OPT.MAF-5 |
|
25:
|
No JUnit test method defined for 'setFromAccountId()' |
JUNIT.TEST-2 |
|
25:
|
Globally unused "public" method: setFromAccountId() |
GLOBAL.UPPM-4 |
|
25:
|
Formal parameter 'fromAccountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
25:
|
The parameter 'fromAccountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
25:
|
Parameter 'fromAccountId' has the same name as a field |
OOP.HMF-3 |
|
25:
|
Variable 'fromAccountId' does not end with 'int' |
NAMING.UHN-4 |
|
29:
|
No JUnit test method defined for 'getToAccountId()' |
JUNIT.TEST-2 |
|
29:
|
Globally unused "public" method: getToAccountId() |
GLOBAL.UPPM-4 |
|
29:
|
Getter method 'getToAccountId()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
Setter method 'setToAccountId()' is not declared "final" |
OPT.MAF-5 |
|
33:
|
No JUnit test method defined for 'setToAccountId()' |
JUNIT.TEST-2 |
|
33:
|
Globally unused "public" method: setToAccountId() |
GLOBAL.UPPM-4 |
|
33:
|
Formal parameter 'toAccountId' is not declared as final |
CODSTA.BP.FPF-3 |
|
33:
|
The parameter 'toAccountId' uses the same name as a field declared in an enclosing scope, which may cause confusion |
OOP.HIF-3 |
|
33:
|
Parameter 'toAccountId' has the same name as a field |
OOP.HMF-3 |
|
33:
|
Variable 'toAccountId' does not end with 'int' |
NAMING.UHN-4 |